Role-based Access Control (RBAC) models have been implemented not only in self-contained resource management products such as DBMSs and Operating Systems but also in a class of pr...
David F. Ferraiolo, Ramaswamy Chandramouli, Gail-J...
The recent emergence of mandatory access (MAC) enforcement for virtual machine monitors (VMMs) presents an opportunity to enforce a security goal over all its virtual machines (VM...
Abstract—By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective counter...
Kyle Ingols, Matthew Chu, Richard Lippmann, Seth E...
This paper concentrates on one particular aspect of providing communication security: rewalls between domains of trust. We argue that signaling support for providing scalable secu...
Accountability mechanisms, which rely on after-the-fact verification, are an attractive means to enforce authorization policies. In this paper, we describe an operational model of ...
Radha Jagadeesan, Alan Jeffrey, Corin Pitcher, Jam...