13th IEEE International Conference on Requirements Engineering (RE'05) 2005
DOI: 10.1109/re.2005.48
|View full text |Cite
|
Sign up to set email alerts
|

On modelling access policies: relating roles to their organisational context

Abstract: Abstract

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
14
0

Year Published

2006
2006
2014
2014

Publication Types

Select...
4
3
3

Relationship

0
10

Authors

Journals

citations
Cited by 35 publications
(14 citation statements)
references
References 33 publications
0
14
0
Order By: Relevance
“…This approach to RE is reactive and focuses on low level security requirements. The work on high level security policies on methodologies for structuring, modeling and reasoning is done in [12] [13] [14]. But the behavioral specification of threats, attacks should be optimized at RE and design level.…”
Section: Realization Of Security At Re Levelmentioning
confidence: 99%
“…This approach to RE is reactive and focuses on low level security requirements. The work on high level security policies on methodologies for structuring, modeling and reasoning is done in [12] [13] [14]. But the behavioral specification of threats, attacks should be optimized at RE and design level.…”
Section: Realization Of Security At Re Levelmentioning
confidence: 99%
“…We continue to use access control as an example to illustrate a hierarchy due to its large amount of related work including various aspects and specialized models [32,33,34,35]. Not only is it a commonly understood aspect of security, but it also includes many facets which allow us to demonstrate the different benefits of using a feature diagram to illustrate the pattern.…”
Section: Pattern Hierarchymentioning
confidence: 99%
“…These characteristics are the line of authority (vertical differentiation) and the division of work (horizontal differentiation). We can capture this with the use of the three basic framework elements: "authority," representing the level of authority; "org_function," representing the differentiation of organizational functions; and "org_domain," representing differentiations according to market-based characteristics (Crook, Ince, & Nuseibeh, 2005). …”
Section: The Proposed Infrastructure and Role Decomposition Processmentioning
confidence: 99%