Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security 2023
DOI: 10.1145/3576915.3623196
|View full text |Cite
|
Sign up to set email alerts
|

Is Modeling Access Control Worth It?

David Basin,
Juan Guarnizo,
Srđan Krstic
et al.

Abstract: Implementing access control policies is an error-prone task that can have severe consequences for the security of software applications. Model-driven approaches have been proposed in the literature and associated tools have been developed with the goal of reducing the complexity of this task and helping developers to produce secure software efficiently. Nevertheless, there is a lack of empirical data supporting the advantages of model-driven security approaches over code-centric approaches, which are the de-fa… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2024
2024
2024
2024

Publication Types

Select...
1

Relationship

0
1

Authors

Journals

citations
Cited by 1 publication
(1 citation statement)
references
References 22 publications
(26 reference statements)
0
1
0
Order By: Relevance
“…Model transformations are parametrized by a specific implementation technology and can target popular technology-specific infrastructure (e.g., authorization frameworks like JAAS [47]). MDD was shown to reduce system development time, and improve correctness [31] and security [17] with respect to a system specification.…”
Section: Introductionmentioning
confidence: 99%

Model-driven Privacy

Krstic,
Nguyen,
Basin
2024
PoPETs
0
0
0
0
View full textAdd to dashboardCite
show abstract
“…Model transformations are parametrized by a specific implementation technology and can target popular technology-specific infrastructure (e.g., authorization frameworks like JAAS [47]). MDD was shown to reduce system development time, and improve correctness [31] and security [17] with respect to a system specification.…”
Section: Introductionmentioning
confidence: 99%

Model-driven Privacy

Krstic,
Nguyen,
Basin
2024
PoPETs
0
0
0
0
View full textAdd to dashboardCite
show abstract
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.