Automated Management and Analysis of security policies using Eclipse

The design of efficient and effective techniques for security policy analysis and management is a crucial open problem in modern information systems. The increasing complexity of current IT systems requires new techniques for designing access control policies. Thus, in order to ease the definition and management of access control policies, a tool chain that lets developers define and manage security policies is needed. This tool chain can be used to support a model-driven approach to the definition and implementation of access control policies, in which the policies are refined in several steps in order to produce concrete security configurations. In this paper we present an extension of the PoSecCo Eclipse Policy Plug-in (PEPP), which provides users with three different reasoning services for detecting anomalies in security policies. The reasoning services are based on Semantic Web and ontology management technologies, which offer an adequate basis for the realization of techniques able to support conflict analysis in security policies. The three services are: (a) Policy