Investigation of Access Control Models with Formal Concept Analysis: A Case Study

Investigation of Access Control Models with Formal Concept Analysis: A Case Study

Web applications manage increasingly large amounts of sensitive information and often need to implement access control (AC) models. However, documentation about the implemented AC model is often sparse and few, if no tool exists to support AC model investigation. Based on the results of a previous s...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Gauthier, F., Merlo, E.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
access control models
Analytical models
Automata
Context
Documentation
formal concept analysis
Lattices
Mathematical model
reverse-engineering
web applications
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Web applications manage increasingly large amounts of sensitive information and often need to implement access control (AC) models. However, documentation about the implemented AC model is often sparse and few, if no tool exists to support AC model investigation. Based on the results of a previous study, we show how formal concept analysis (FCA) can support the understanding and visualization of reverse-engineered AC models. Results of applying FCA to Moodle, a medium-sized (625 473 LOC) Web application, are presented and discussed. We show how FCA enhances the overall comprehension of reverse-engineered AC models and sheds light on previously unknown features of Moodle's AC model.
ISSN:1534-5351
2640-7574
DOI:10.1109/CSMR.2012.50