The Open UniversitySkip to content
 

On Modelling access policies: relating roles to their organisational Context

Crook, R.; Ince, D. and Nuseibeh, Bashar (2005). On Modelling access policies: relating roles to their organisational Context. In: Proceedings of 13th IEEE International Conference on Requirements Engineering, 29 Aug-2 Sept 2005, Paris, France.

DOI (Digital Object Identifier) Link: http://dx.doi.org/10.1109/RE.2005.48
Google Scholar: Look up in Google Scholar

Abstract

The restriction of access is a mechanism by which organisations protect their information assets. Requirements models use actor definitions to describe users and to specify their access policies. Actors normally represent roles that users adopt, while roles can represent different things, such as a position in an organisation or the assignment of a task. Current requirements modelling approaches do not provide a systematic way of defining roles for incorporation into access policies. We address this issue by proposing a framework that facilitates the derivation of role definitions from their wider organisational context. We illustrate how our framework can be used to extend a formal version of i* – to define and verify access policies definitions – and demonstrate its applicability via a case study.

Item Type: Conference Item
Copyright Holders: 2005 IEEE
Academic Unit/Department: Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre: Centre for Research in Computing (CRC)
Item ID: 2103
Depositing User: Bashar Nuseibeh
Date Deposited: 07 Jun 2006
Last Modified: 04 May 2011 12:23
URI: http://oro.open.ac.uk/id/eprint/2103
Share this page:

Actions (login may be required)

View Item
Report issue / request change

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk