Validating an end-entity X.509 digital certificate prior to authorizing it for using a resource into the computational Grid has become a widely studied topic due to its importance...
Valentina Casola, Nicola Mazzocca, Jesus Luna, Osc...
We have implemented an information flow framework for the Java Virtual Machine that combines static and dynamic techniques to capture not only explicit flows, but also implicit ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, and the result of the policy on a request is determined by combining the result...
Ninghui Li, Qihua Wang, Wahbeh H. Qardaji, Elisa B...
The security policy of an information system may include a wide range of different requirements. The literature has primarily focused on access and information flow control require...
Social networking sites have come under criticism for their poor privacy protection track record. Yet, there is an inherent difficulty in deciding which principals should have acc...