Security-sensitive business processes are business processes that must comply with security requirements (e.g. authorization constraints). In previous works it has been shown that ...
Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege contained in an acce...
Controlled Query Evaluation (CQE) is a logical framework for the protection of secrets in databases. In this article, we extend the CQE framework to possibilistic logic: knowledge ...
Abstract. Many different access control policies and models have been developed to suit a variety of goals; these include Role-Based Access Control, One-directional Information Flo...
Vincent C. Hu, Deborah A. Frincke, David F. Ferrai...
Security policies are abstract descriptions of how a system should behave to be secure. They typically express what is obligatory, permitted, or forbidden in the system. When the s...