A language driven approach to multi-system access control

Steven Davy, Jason Barron, Lei Shi, Bernard Butler, Brendan Jennings, Keith Griffin, Kevin Collins

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

Resource access control policies for an organization are often derived from best practice standards or from high level business policies. To ensure that access control is enforced effectively, these business policies need to be translated into deployable system configurations or lower level policies for multiple diverse systems. These target policy representations require experts to coordinate and collaborate so that business policies are fully supported. It is difficult and cumbersome to effectively ensure that all access control policies are enforced with the desired effect and in a consistent way, particularly given that there may be many people editing policies and that business policies can change over time. We present a language driven approach that abstracts access control policies into a clear and structured set of rules defined using terms familiar to a non-systems expert, which may then be realized into multiple levels of abstraction. Our proof of concept system uses Language-Driven Development (LDD) techniques to transform high level business policies into device specific policies that can be enforced by multiple access control system types. Our scenario examines the application of access control to instant messaging communications and network server access, two systems with different access control configuration languages.

Original language: English
Title of host publication: Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013
Pages: 1004-1008
Number of pages: 5
Publication status: Published - 2013
Event: 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013 - Ghent, Belgium
Duration: 27 May 2013 to 31 May 2013

Publication series

Name: Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013

Conference

Conference: 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013
Country/Territory: Belgium
City: Ghent
Period: 27/05/2013 to 31/05/2013
