On Modelling Access Policies: Relating Roles to their Organisational Context

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Robert Crook Articles by Darrel Ince Articles by Bashar Nuseibeh

13th IEEE International Requirements Engineering Conference (RE'05)

Paris, France

August 29-September 02

ISBN: 0-7695-2425-7

	ASCII Text	x
	Robert Crook, Darrel Ince, Bashar Nuseibeh, "On Modelling Access Policies: Relating Roles to their Organisational Context," Requirements Engineering, IEEE International Conference on, pp. 157-166, 13th IEEE International Requirements Engineering Conference (RE'05), 2005.

	BibTex	x
	@article{ 10.1109/RE.2005.48, author = {Robert Crook and Darrel Ince and Bashar Nuseibeh}, title = {On Modelling Access Policies: Relating Roles to their Organisational Context}, journal ={Requirements Engineering, IEEE International Conference on}, volume = {0}, year = {2005}, isbn = {0-7695-2425-7}, pages = {157-166}, doi = {http://doi.ieeecomputersociety.org/10.1109/RE.2005.48}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Requirements Engineering, IEEE International Conference on TI - On Modelling Access Policies: Relating Roles to their Organisational Context SN - 0-7695-2425-7 SP157 EP166 A1 - Robert Crook, A1 - Darrel Ince, A1 - Bashar Nuseibeh, PY - 2005 KW - null VL - 0 JA - Requirements Engineering, IEEE International Conference on ER -

Robert Crook, The Open University, UK

Darrel Ince, The Open University, UK

Bashar Nuseibeh, The Open University, UK

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/RE.2005.48

The restriction of access is a mechanism by which organisations protect their information assets. Requirements models use actor definitions to describe users and to specify their access policies. Actors normally represent roles that users adopt, while roles can represent different things, such as a position in an organisation or the assignment of a task. Current requirements modelling approaches do not provide a systematic way of defining roles for incorporation into access policies. We address this issue by proposing a framework that facilitates the derivation of role definitions from their wider organisational context. We illustrate how our framework can be used to extend a formal version of i - to define and verify access policies definitions - and demonstrate its applicability via a case study.

Citation:

Robert Crook, Darrel Ince, Bashar Nuseibeh, "On Modelling Access Policies: Relating Roles to their Organisational Context," re, pp.157-166, 13th IEEE International Requirements Engineering Conference (RE'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.