We present a modelling language, called X -Policy, for web-based collaborative systems with dynamic access control policies. The access to resources in these systems depends on the state of the system and its configuration. The X -Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X -Policy language allows us to specify execution permissions on each action using complex access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X -Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair. © 2010 IFIP International Federation for Information Processing.
CITATION STYLE
Qunoo, H., & Ryan, M. (2010). Modelling dynamic access control policies for web-Based collaborative systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6166 LNCS, pp. 295–302). https://doi.org/10.1007/978-3-642-13739-6_20
Mendeley helps you to discover research relevant for your work.