A Certified Core Policy Language

Abstract: We present the design and implementation of a Certified Core Policy Language (AC-CPL) that can be used to express access-control rules and policies. Although full-blown access-control policy languages such as eXtensible Access Control Markup Language (XACML) [OAS13] already exist, because access rules in such languages are often expressed in a declarative manner using fragments of a natural language like English, it isn't always clear what the intended behaviour of the system encoded in these access rules shou… Show more

“…In related work, ACCPL (A Certified Core Policy Language) [19] represents some preliminary work using our approach, i.e., building in formal semantics from the start, but in the domain of web services and digital resources, with some very basic properties proved, which include determinism, but not the other properties considered here. In other work, a variety of other studies have included the formalization of various aspects of access control policies using different and sometimes quite complex logics and algorithms, e.g., [20][21][22][23].…”

A Certified Access Control Policy Language: TEpla

“…In related work, ACCPL (A Certified Core Policy Language) [19] represents some preliminary work using our approach, i.e., building in formal semantics from the start, but in the domain of web services and digital resources, with some very basic properties proved, which include determinism, but not the other properties considered here. In other work, a variety of other studies have included the formalization of various aspects of access control policies using different and sometimes quite complex logics and algorithms, e.g., [20][21][22][23].…”

A Certified Access Control Policy Language: TEpla

Formal Verification of a Certified Policy Language

A certified access control policy language: TEpla