Investigation of Access Control Models with Formal Concept Analysis: A case study

被引:2
|
作者
Gauthier, Francois [1 ]
Merlo, Ettore [1 ]
机构
[1] Ecole Polytech Montreal, Dept Comp Engn, Montreal, PQ, Canada
来源
2012 16TH EUROPEAN CONFERENCE ON SOFTWARE MAINTENANCE AND REENGINEERING (CSMR) | 2012年
关键词
formal concept analysis; access control models; web applications; reverse-engineering;
D O I
10.1109/CSMR.2012.50
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Web applications manage increasingly large amounts of sensitive information and often need to implement access control (AC) models. However, documentation about the implemented AC model is often sparse and few, if no tool exists to support AC model investigation. Based on the results of a previous study, we show how formal concept analysis (FCA) can support the understanding and visualization of reverse-engineered AC models. Results of applying FCA to Moodle, a medium-sized (625 473 LOC) Web application, are presented and discussed. We show how FCA enhances the overall comprehension of reverse-engineered AC models and sheds light on previously unknown features of Moodle's AC model.
引用
收藏
页码:397 / 402
页数:6
相关论文
共 50 条
  • [1] Modeling Access Permissions in Role Based Access Control Using Formal Concept Analysis
    Kumar, Ch. Aswani
    WIRELESS NETWORKS AND COMPUTATIONAL INTELLIGENCE, ICIP 2012, 2012, 292 : 578 - 583
  • [2] Modeling Chinese Wall Access Control Using Formal Concept Analysis
    Mouliswaran, S. Chandra
    Kumar, Ch. Aswani
    Chandrasekar, C.
    2014 INTERNATIONAL CONFERENCE ON CONTEMPORARY COMPUTING AND INFORMATICS (IC3I), 2014, : 811 - 816
  • [3] Designing role-based access control using formal concept analysis
    Kumar, Ch. Aswani
    SECURITY AND COMMUNICATION NETWORKS, 2013, 6 (03) : 373 - 383
  • [4] A formal framework for adaptive access control models
    Rinderle, Stefanie
    Reichert, Manfred
    JOURNAL ON DATA SEMANTICS IX, 2007, 4601 : 82 - +
  • [5] Formal definition and comparison of access control models
    Habib, Lionel
    Jaume, Mathieu
    Morisset, Charles
    JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2009, 4 (04): : 372 - 381
  • [6] A formal approach to implement access control models
    Jaume, Mathieu
    Morisset, Charles
    JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2006, 1 (02): : 137 - 148
  • [7] Modeling Fuzzy Role Based Access Control Using Fuzzy Formal Concept Analysis
    Subramanian, Chandra Mouliswaran
    Cherukuri, Aswani Kumar
    Chelliah, Chandrasekar
    SECURITY IN COMPUTING AND COMMUNICATIONS (SSCC 2015), 2015, 536 : 176 - 185
  • [8] Formal analysis of access control policies
    Bryans, Jeremy W.
    PROCEEDINGS OF THE UK E-SCIENCE ALL HANDS MEETING 2006, 2006, : 701 - 708
  • [9] Formal concept analysis for investigation of normal accidents
    Hashemi, RR
    Le Blanc, LA
    Kobayashi, T
    INTERNATIONAL JOURNAL OF GENERAL SYSTEMS, 2004, 33 (05) : 469 - 484
  • [10] Building Pedagogical Models by Formal Concept Analysis
    Fenza, Giuseppe
    Orciuoli, Francesco
    INTELLIGENT TUTORING SYSTEMS, ITS 2016, 2016, 9684 : 144 - 153
12345