Salvato in:
Dettagli Bibliografici
Autore principale: Faily, Shamal
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2504.17906
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866908337217470464
author Faily, Shamal
author_facet Faily, Shamal
contents Access control needs have broad design implications, but access control specifications may be elicited before, during, or after these needs are captured. Because access control knowledge is distributed, we need to make knowledge asymmetries more transparent, and use expertise already available to stakeholders. In this paper, we present a tool-supported technique identifying knowledge asymmetries around access control based on asset and goal models. Using simple and conventional modelling languages that complement different design techniques, we provide boundary objects to make access control transparent, thereby making knowledge about access control concerns more symmetric. We illustrate this technique using a case study example considering the suitability of a reusable software component in a new military air system.
format Preprint
id arxiv_https___arxiv_org_abs_2504_17906
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle "Shifting Access Control Left" using Asset and Goal Models
Faily, Shamal
Cryptography and Security
Human-Computer Interaction
Access control needs have broad design implications, but access control specifications may be elicited before, during, or after these needs are captured. Because access control knowledge is distributed, we need to make knowledge asymmetries more transparent, and use expertise already available to stakeholders. In this paper, we present a tool-supported technique identifying knowledge asymmetries around access control based on asset and goal models. Using simple and conventional modelling languages that complement different design techniques, we provide boundary objects to make access control transparent, thereby making knowledge about access control concerns more symmetric. We illustrate this technique using a case study example considering the suitability of a reusable software component in a new military air system.
title "Shifting Access Control Left" using Asset and Goal Models
topic Cryptography and Security
Human-Computer Interaction
url https://arxiv.org/abs/2504.17906