Authorization logics provide a principled and flexible approach to specifying access control policies. One of their compelling benefits is that a proof in the logic is evidence ...
Jeffrey A. Vaughan, Limin Jia, Karl Mazurak, Steve...
Most formal approaches to security protocol analysis are based on a set of assumptions commonly referred to as the "Dolev-Yao model." In this paper, we use a multiset re...
Iliano Cervesato, Nancy A. Durgin, Patrick Lincoln...
We address the programmatic realization of the access control model of security in distributed systems. Our aim is e the gap between abstract/declarative policies and their concre...
Andrew Cirillo, Radha Jagadeesan, Corin Pitcher, J...
This paper presents the Authorization Service provided by Tivoli Policy Director (PD) and its use by PD family members as well as third-party applications. Policies are defined ov...
Current implementations of Java make security decisions by searching the runtime call stack. These systems have attractive security properties, but they have been criticized as be...