1. Ni, Q., Bertino, E., Lobo, J.: An obligation model bridging access control policies and privacy policies. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008, pp. 133–142. ACM, New York (2008)

2. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Inc., Norwood (2003)

3. Konopacki, P., Frappier, M., Laleau, R.: Expressing access control policies with an event-based approach. In: WISSE (2011)

4. Frappier, M., St-Denis, R.: EB3: an entity-based black-box specification method for information systems. Software and System Modeling 2(2), 134–149 (2003)

5. Fraikin, B., Frappier, M., Laleau, R.: State-based versus event-based specifications for information systems: a comparison of B and EB3. Software and Systems Modeling 4(3), 236–257 (2005)