@inproceedings{43e8c72b1234474d8c28a0a72cdf9d0e,
title = "Specification and validation of authorisation constraints using UML and OCL",
abstract = "Authorisation constraints can help the policy architect design and express higher-level security policies for organisations such as financial institutes or governmental agencies. Although the importance of constraints has been addressed in the literature, there does not exist a systematic way to validate and test authorisation constraints. In this paper, we attempt to specify non-temporal constraints and history-based constraints in Object Constraint Language (OCL) which is a constraint specification language of Unified Modeling Language (UML) and describe how we can facilitate the USE tool to validate and test such policies. We also discuss the issues of identification of conflicting constraints and missing constraints.",
author = "Karsten Sohr and Ahn, {Gail Joon} and Martin Gogolla and Lars Migge",
note = "Copyright: Copyright 2008 Elsevier B.V., All rights reserved.; 10th European Symposium on Research in Computer Security, ESORICS 2005 ; Conference date: 12-09-2005 Through 14-09-2005",
year = "2005",
doi = "10.1007/11555827_5",
language = "English (US)",
isbn = "3540289631",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "64--79",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
}