Analysis, comparison and design of role-based security specifications

摘要

The need to analyze and compare the security specifications of different applications can arise in different contexts, such as the federated environments, to provide a unification layer for the federation, or, in the construction of security components, to support the reusability of security specifications. In this paper, we propose similarity criteria and associated metrics to compare security specifications of different applications and evaluate their similarities. We consider security specifications defined according to a role-based model, which provides powerful authorization mechanisms suitable for similarity analysis. We describe the application of the proposed similarity techniques to the construction and use of reusable security components.