Abstract
Policies are used to control the behavior of complex systems. In order to support reasoning about the behavior, it is necessary to have a precise specification of the policy, better if described in an intuitive visual formalism. Graphical constraints and graph transformation rules provide such a combination of a natural yet semantically sound formalization. Furthermore, the evolution of policies, the combination of policies and the stepwise development of policies can be given a solid foundation and their analysis and verification can benefit from the use of existing general graph transformation engines.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Policies for Distributed Systems and Networks, number 1995 in LNCS. Springer, 2001.
Elisa Bertino, Elena Ferrari, and Vijay Atluri. The Specification and Enforcement of Authotization Constraints in Workflow Management Systems. ACM Trancactions on Information and System Security, 2(1):65–104, February 1999.
P. Bonatti, S. de Capitani di Vimercati, and P. Samarati. A Modular Approach to Composing Access Control Policies. In Proc. of 7th ACM Conference on Computer and Communication Security, pages 164–173. ACM, 2000.
P. Bottoni, M. Koch, F. Parisi-Presicce, and G. Taentzer. Consistency checking and visualization of OCL constraints. In A. Evans and S. Kent, editors, UML 2000, number 1939 in LNCS, pages 294–308. Springer, 2000.
N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The Ponder Policy Specification Language. In Proc. of POLICY 2001 [1], pages 18–38.
F. Gadducci, R. Heckel, and M. Koch. A fully abstract model for graph-interpreted temporal logic. In H. Ehrig, G. Engels, H.J. Kreowski, and G. Rozenberg, editors, Proc. of 6th Int. Workshop on Theory and Graph Transformation, number 1764 in LNCS. Springer, 2000.
M. Große-Rhode, F. Parisi-Presicce, and M. Simeoni. Formal software specification with refinement and modules for typed graph transformation systems. Journal of Computer and System Sciences. to appear.
Y. Kanada. Taxonomy and Description of Policy Combination Methods. In Proc. of POLICY 2001 [1], pages 171–184.
M. Koch, L. V. Mancini, and F. Parisi-Presicce. On the Specification and Evolution of Access Control Policies. In S. Osborne, editor, Proc. 6th ACM Symp. on Access Control Models and Technologies, pages 121–130. ACM, May 2001.
M. Koch, L.V. Mancini, and F. Parisi-Presicce. A Formal Model for Role-Based Access Control using Graph Transformation. In F. Cuppens, Y. Deswarte, D. Gollmann, and M. Waidner, editors, Proc. of the 6th European Symposium on Research in Computer Security (ESORICS 2000), number 1895 in Lect. Notes in Comp. Sci., pages 122–139. Springer, 2000.
M. Koch, L.V. Mancini, and F. Parisi-Presicce. Foundations for a graph-based approach to the Specification of Access Control Policies. In F. Honsell and M. Miculan, editors, Proc. of Foundations of Software Science and Computation Structures (FoSSaCS 2001), Lect. Notes in Comp. Sci. Springer, March 2001.
M. Koch, L.V. Mancini, and F. Parisi-Presicce. Conflict Detection and Resolution in Access Control Policy Specifications. In M. Nielsen and U. Engberg, editors, Proc. of Foundations of Software Science and Computation Structures (FoSSaCS 2002), number 2303 in Lect. Notes in Comp. Sci., pages 223–237. Springer, 2002.
H.-J. Kreowski and S. Kuske. Graph transformation units and modules. In H. Ehrig, G. Engels, H.-J. Kreowski, and G. Rozenberg, editors, Handbook of Graph Grammars and Computing by Graph Transformation, volume 2, chapter 15, pages 607–638. 1999.
G. Rozenberg, editor. Handbook of Graph Grammars and Computing by Graph Transformations. Vol. I: Foundations, World Scientific, 1997.
R. S. Sandhu. Role-Based Access Control. In Advances in Computers, volume 46. Academic Press, 1998.
M. S. Sloman. Policy Driven Management for Distributed Systems. Network and Systems Management, 2(4):333–360, 1994.
C. Stirling. Modal and Temporal Logics. In Background: Computational structures, volume 2, pages 477–563. Clarendon Press, 1992.
D. Wijesekera and S. Jajodia. A policy algebra for access control: the propositional case. In Proc. of the 8th ACM Conference on Computer and Communication Security, pages 38–47. ACM Press, November 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koch, M., Parisi-Presicce, F. (2002). Describing Policies with Graph Constraints and Rules. In: Corradini, A., Ehrig, H., Kreowski, H.J., Rozenberg, G. (eds) Graph Transformation. ICGT 2002. Lecture Notes in Computer Science, vol 2505. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45832-8_18
Download citation
DOI: https://doi.org/10.1007/3-540-45832-8_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44310-0
Online ISBN: 978-3-540-45832-6
eBook Packages: Springer Book Archive