© University of Kent - Contact | Feedback | Legal | FOI | Cookies
The Virtuous Circle of Expressing Authorisation Policies
David Chadwick and Angela Sasse
In Proceedings of the ISWC'06 Workshop on Semantic Web Policy (SWPW'06), pages 182-196, Georgia, USA, November 2006 . Available from: http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS//Vol-207/.Abstract
This short paper reports on a current project to conduct a detailed investigation into non-security professionals vocabulary and understanding of e-infrastructure and assets, with the longer term aim of building an ontology and controlled natural language interface that will allow them to build security policies, incorporating complex concepts such as delegation of authority, separation of duties (SoD), obligations and conditions. The interface is designed around the principle of the virtuous circle, whereby the users controlled natural language input is converted into machine processable XML, and then converted back again into natural language, so that the user can compare the computers understanding of his policy with his own. The user can then iteratively alter his policy until the input and output are semantically the same. To date, two GUI interfaces have been constructed that aid users in the construction of authorization policies, and produce natural language output. This will serve as a benchmark for measuring the ease of use and effectiveness of the controlled natural language interface. Work has started on the controlled natural language interface, and the first results are reported.
Download publication 153 kbytes (PDF)Bibtex Record
@inproceedings{2535, author = {David Chadwick and Angela Sasse}, title = {{T}he {V}irtuous {C}ircle of {E}xpressing {A}uthorisation {P}olicies}, month = {November}, year = {2006}, pages = {182-196}, keywords = {determinacy analysis, Craig interpolants}, note = {. Available from: http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS//Vol-207/ }, doi = {}, url = {http://www.cs.kent.ac.uk/pubs/2006/2535}, publication_type = {inproceedings}, submission_id = {5252_1179407715}, booktitle = {Proceedings of the ISWC'06 Workshop on Semantic Web Policy (SWPW'06) }, address = {Georgia, USA}, }