Authentication, access control, and audit (3As) are three fundamental mechanisms in enterprise security management for countering various types of looming threats from both inside...
We present an approach to monitoring system policies. As a specification language, we use an expressive fragment of a temporal logic, which can be effectively monitored. We repor...
In language-based security, confidentiality and integrity policies conveniently specify the permitted flows of information between different parts of a program with diverse levels...
The management of policies in large-scale systems is complex because of the potentially large number of policies and administrators, as well as the diverse types of information th...
Nicodemos Damianou, Naranker Dulay, Emil Lupu, Mor...
Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege contained in an acce...