One of the major threats that an enterprise Information system networks are facing today is the Insider threat. As part of the Insider Threat study, lack of an effective access co...
In this paper we define and provide a general construction for a class of policies we call dynamic policies. In most existing systems, policies are implemented and enforced by ch...
Prasad Naldurg, Roy H. Campbell, M. Dennis Mickuna...
- Many researchers have considered security policy management, including how to configure policies manually and even how to automatically generate security policies based on securi...
Dynamic information flow tracking is a hardware mechanism to protect programs against malicious attacks by identifying spurious information flows and restricting the usage of sp...
G. Edward Suh, Jae W. Lee, David Zhang, Srinivas D...
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is...