We have designed and deployed a system that uses X.509 public-key certificates (PKC) and attribute certificates (AC) for access control. This includes an authorization service for...
Longevity of distributed computing middleware standards, such as CORBA, depend on their ability to support a range of applications by providing low overhead access in a uniform man...
Gautam H. Thaker, Patrick J. Lardieri, Chuck Winte...
We describe a new design for authorization in operating systems in which applications are first-class entities. In this design, principals reflect application identities. Access c...
We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. Our secondary and approximate authorization model (...
Role-based Access Control (RBAC) models have been implemented not only in self-contained resource management products such as DBMSs and Operating Systems but also in a class of pr...
David F. Ferraiolo, Ramaswamy Chandramouli, Gail-J...