XACML does not natively support RBAC and even the specialized XACML profiles are not able to support many relevant constraints such as static and dynamic separation of duty. Exte...
Abstract. Trust Management is an approach to construct and interpret the trust relationships among public-keys that are used to mediate security-critical actions. Cryptographic cre...
The dynamic nature of JavaScript web applications has given rise to the possibility of privacy violating information flows. We present an empirical study of the prevalence of such...
This paper introduces the PeerAccess framework for reasoning about authorization in open distributed systems, and shows how a parameterization of the framework can be used to reas...
Marianne Winslett, Charles C. Zhang, Piero A. Bona...
Identity management has arisen as a major and urgent challenge for internet-based communications and information services. Internet services involve complex networks of relationshi...