Security must be a first-class citizen in the design of large-scale, interacting software applications, at early and all stages of the lifecycle, for accurate and precise policy ...
Thuong Doan, Steven A. Demurjian, T. C. Ting, Andr...
Separation of duties (SoD) is a key security requirement for many business and information systems. Role Based Access Controls (RBAC) is a relatively new paradigm for protecting i...
David W. Chadwick, Wensheng Xu, Sassa Otenko, Roma...
We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our ...
This paper introduces the PeerAccess framework for reasoning about authorization in open distributed systems, and shows how a parameterization of the framework can be used to reas...
Marianne Winslett, Charles C. Zhang, Piero A. Bona...
Inline reference monitoring is a powerful technique to enforce security policies on untrusted programs. The security-by-contract paradigm proposed by the EU FP6 S3MS project uses...
Mads Dam, Bart Jacobs, Andreas Lundblad, Fran...