Second European Symposium on Research in Computer Security (ESORICS 92)
Formal Specification of Security Requirements using the Theory of Normative Positions
Andrew J. I. Jones, Marek Sergot
Keywords :
Abstract : We use a number of the examples presented in Ting1990 to illustrate how the formal theory of normative positions may serve as a tool for clarifying, and making precise, the specification of security requirements, particularly in regard to access control. We describe the basic features of the theory of normative positions (which has its roots in the analytical theory of law), and of the modal logics (deontic and action logics) involved in its formulation. We the indicate three levels of software we have under development, which aim to turn the analytical procedures into a practical tool. Our concluding remarks relate our discussion of Ting's examples to some particular issues in the formal specification of computer systems.
(Pages 103-121)