Special Issue Paper
XFPM-RBAC: XML-based specification language for security policies in multidomain mobile networks
Article first published online: 27 JAN 2012
Copyright © 2012 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 6, Issue 12, pages 1420–1444, December 2013
How to Cite
Unal, D. and Caglayan, M. U. (2013), XFPM-RBAC: XML-based specification language for security policies in multidomain mobile networks. Security Comm. Networks, 6: 1420–1444. doi: 10.1002/sec.411
- Issue published online: 28 NOV 2013
- Manuscript Accepted: 5 NOV 2011
- Manuscript Revised: 20 SEP 2011
- Manuscript Received: 19 MAY 2011
Keywords
- security policy
- formal methods
We present XFPM-RBAC (XML-based formal policy language for mobility with role-based access control), an XML-based language for specifying domain and interdomain security policies with location and mobility constraints based on role-based access control. XFPM-RBAC supports specification of the location, mobility, interdomain access rights, role mapping, and separation of duty (SOD) aspects of security policies. XFPM-RBAC builds upon the FPM-RBAC security policy model that we have recently proposed. XFPM-RBAC consists of XML schemas, which define domain security policy, interdomain security policy, locations, mobility, and SOD constructs. A Security Policy Management Interface application has also been developed as a prototype implementation of XFPM-RBAC for the specification and administration of security policies. XFPM-RBAC supports extraction of formal specifications from security policies for the purpose of automated verification of those policies. Automated extraction of formal specifications is based on XSLT (Extensible Stylesheet Language Transformations). The formal specification of security policies, together with the location and mobility constraints within security policy rules, is based on ambient calculus and ambient logic.