Studies have shown that users have great difficulty specifying their security and privacy policies in a variety of application domains. While machine learning techniques have succ...
Patrick Gage Kelley, Paul Hankes Drielsma, Norman ...
The security policy of an information system may include a wide range of different requirements. The literature has primarily focused on access and information flow control require...
Policy conflict analysis processes based solely on the examination of policy language constructs can not readily discern the semantics associated with the managed system for which ...
: This paper proposes a framework for the detection of information leaks in workflow descriptions based on static information flow analysis. Despite the correct deployment of acces...
Privacy policies often place requirements on the purposes for which a governed entity may use personal information. For example, regulations, such as HIPAA, require that hospital ...
Michael Carl Tschantz, Anupam Datta, Jeannette M. ...