Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, and the result of the policy on a request is determined by combining the result...
Ninghui Li, Qihua Wang, Wahbeh H. Qardaji, Elisa B...
Abstract. Decentralization is a major challenge for secure computing. In a decentralized setting, principals are free to distrust each other. The key challenge is to provide suppor...
Many software security policies can be encoded as aspects that identify and guard security-relevant program operations. Bugs in these aspectually-implemented security policies oft...
Abstract. Program monitoring is a well-established and efficient approach to security policy enforcement. An implementation of program monitoring that is particularly appealing for...
Mads Dam, Bart Jacobs 0002, Andreas Lundblad, Fran...
Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many adminis...
Amit Sasturkar, Ping Yang, Scott D. Stoller, C. R....