PolicyDSL: Towards generic access control management based on a policy metamodel

Author

Trninic, Branislav ; Sladic, Goran ; Milosavljevic, Gordana ; Milosavljevic, Branko ; Konjovic, Zora

Author_Institution

Fac. of Tech. Sci., Univ. of Novi Sad, Novi Sad, Serbia

fYear

2013

fDate

22-24 Sept. 2013

Firstpage

217

Lastpage

223

Abstract

The paper presents a generic access control management infrastructure suitable for a broad set of systems. The generic infrastructure is based on our policy metamodel (level M2), which is used for the specification of the needed policy model (level M1) such as RBAC, GTRBAC, etc. Having a defined policy model, the abstract and concrete syntaxes of PolicyDSL, our textual DSL for expressing access control policies, are dynamically generated. A security expert is then able to express the actual access control policies (level M0) for the given access control model using the generated DSL. The presented solution can be applied, with no changes, to a number of systems that are based on different access control models or their variants.

Keywords

authorisation; computational linguistics; formal specification; specification languages; GTRBAC; PolicyDSL; RBAC; abstract syntaxes; access control policies; concrete syntaxes; domain-specific languages; generic access control management; level M1; level M2; policy metamodel; role based access control; security expert; textual DSL; Access control; Concrete; DSL; Standards; Syntactics; Unified modeling language;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Software Methodologies, Tools and Techniques (SoMeT), 2013 IEEE 12th International Conference on

Conference_Location

Budapest

Print_ISBN

978-1-4799-0419-8

Type

conf

DOI

10.1109/SoMeT.2013.6645665

Filename

6645665