Date: 09 Jun 2005

Formal specification of security requirements using the theory of normative positions

* Final gross prices may vary according to local VAT.

Get Access

Abstract

We use a number of the examples presented in [Ting 1990] to illustrate how the formal theory of normative positions may serve as a tool for clarifying, and making precise, the specification of security requirements, particularly in regard to access control. We describe the basic features of the theory of normative positions (which has its roots in the analytical theory of law), and of the modal logics (deontic and action logics) involved in its formulation. We then indicate three levels of software we have under development, which aim to turn the analytical procedures into a practical tool. Our concluding remarks relate our discussion of Ting's examples to some particular issues in the formal specification of computer systems.

On leave from Norwegian Research Centre for Computers and Law, and Department of Philosophy, University of Oslo.