We introduce the notion of resiliency policies in the context of access control systems. Such policies require an access control system to be resilient to the absence of users. An...
Firewalls are the mainstay of enterprise security and the most widely adopted technology for protecting private networks. An error in a firewall policy either creates security hole...
We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. Our secondary and approximate authorization model (...
A formal top down model shall be presented to aid documentation and harmonization of information security requirements. The model formalizes layered development of inn security, w...
Sensitive data are increasingly available on-line through the Web and other distributed protocols. This heightens the need to carefully control access to data. Control means not o...
Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyero...