Title: RATIONALE AND DESIGN OF THE ACCESS SPECIFICATION LANGUAGE RASP
Issue Number: | Vol. 1, No. 1 |
Year of Publication: | Aug - 2012 |
Page Numbers: | 1-14 |
Authors: | Mark Evered |
Journal Name: | International Journal of Cyber-Security and Digital Forensics (IJCSDF) - Hong Kong |
Abstract:
In this paper we describe the formal specification language RASP for expressing fine-grained access control constraints in information systems. The design of the language is motivated by a number of IS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements.