A Model-Driven Approach for the Specification and Analysis of Access Control Policies

The last years have seen the definition of many languages, models and standards tailored to specify and enforce access Control policies, but such frameworks do not provide methodological support during the policy specification process. In particular, they do not provide facilities for the analysis of the social context where the system operates. In this paper we propose a model-driven approach for the specification and analysis of access control policies. We build this framework Oil top of SI*. a modeling language tailored to capture and analyze functional and Security requirements of socio-technical systems. The framework also provides formal mechanisms to assist policy writers and system administrators in the verification of access control policies and of the actual user-permission assignment.