For software applications in domains such as healthcare, the sensitivity of the data processed is such that access must be restricted to authorized users. These applications require a fine-granular enforcement of a context-based access control policy to control access to an asset, based on contextual information that is related to the access request. Due to the complexity and scale of contemporary software systems, the integration of context-based access control in an application constitutes a major engineering challenge. It is hard to obtain uniform access control enforcement in the numerous...