Making correct access-control decisions is central to security, which in turn requires accounting correctly for the identity, credentials, roles, authority, and privileges of users...
Thumrongsak Kosiyatrakul, Susan Older, Shiu-Kai Ch...
Sensitive data are increasingly available on-line through the Web and other distributed protocols. This heightens the need to carefully control access to data. Control means not o...
Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyero...
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is...
Combining access control with weakly consistent replication presents a challenge if the resulting system is to support eventual consistency. If authorization policy can be tempora...
Ted Wobber, Thomas L. Rodeheffer, Douglas B. Terry
Today more and more security-relevant data is stored on computer systems; security-critical business processes are mapped to their digital counterparts. This situation applies to ...
Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn, M...