Mouelhi et al.

Describes elements for specifying, deploying and testing of access control policies
Specurity Aspects
Name
Description
Specifies conflict free RBAC and OrBAC policies
Specification Elements
Name
Description
Specifies the types of entities, activities or data in the system that are usable in the access control policies

  • Security Aspects

    • Secure/Conflict Free RBAC, OrBAC

      Specifies conflict free RBAC and OrBAC policies
      Specification Elements:
      Parameter
      Threats:
      Elevation of Privileges
      Information Disclosure
      Tampering with Data
      Spoofing

    Specification Elements

    • Parameter

      Specifies the types of entities, activities or data in the system that are usable in the access control policies
      Applies to:
      Entity
      Activity
      Data