A Component-Based Access Control Monitor [chapter]

Zhiming Liu, Charles Morisset, Volker Stolz
2008 Communications in Computer and Information Science  
A control of access to information is increasingly becoming necessary as the systems managing this information is more and more open and available through non secure networks. Integrating an access control monitor within a large system is a complex task, since it has to be an "all or nothing" integration. The least error or mistake could lead to jeopardize the whole system. We present a formal specification of an access control monitor using the calculus of refinement of component and object
more » ... tems (rCOS). We illustrate this implementation with the well known Role Based Access Control (RBAC) policy and we show how to integrate it within a larger system.
doi:10.1007/978-3-540-88479-8_24 fatcat:pu7wee6xuzca7fqu3dnng2auzq