Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and...
Konstantin Beznosov, Yi Deng, Bob Blakley, C. Burt...
We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access contro...
Alexander Pretschner, Tejeddine Mouelhi, Yves Le T...
Emerging trust and risk management systems provide a framework for principals to determine whether they will exchange resources, without requiring a complete definition of their ...
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather tha...
Context is a key factor in making make access control decision in modern information system. But a formal context model is needed to guide research of implementation of Context-se...