Towards Run-Time Verification in Access Control