%0 Book Section
%A Bush, Marianne
%A Koch, Nora
%A Masi, Massimiliano
%A Pugliese, Rosario
%A Tiezzi, Francesco
%B Proceedings of 1st International Workshop on Model-Driven Security (MDsec)
%D 2012
%F eprints:1574
%I Springer
%K Security, Model-driven development, Web engineering
%N 4
%T Towards Model-Driven Development of Access Control Policies for Web Applications
%U http://eprints.imtlucca.it/1574/
%X We introduce a UML-based notation for graphically modeling  systems’ security aspects in a simple and intuitive  way and a model-driven process that transforms graphical  specifications of access control policies in XACML. These  XACML policies are then translated in FACPL, a policy  language with a formal semantics, and the resulting policies  are evaluated by means of a Java-based software tool.