One of the major threats that an enterprise Information system networks are facing today is the Insider threat. As part of the Insider Threat study, lack of an effective access co...
Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current s...
Somesh Jha, Ninghui Li, Mahesh V. Tripunitara, Qih...
The validation of enterprise authorization specification for conformance to enterprise security policies requires an out-of-band framework in many situations since the enforcing a...
We demonstrate how access control models and policies can be represented by using term rewriting systems, and how rewriting may be used for evaluating access requests and for provi...
We introduce the notion of resiliency policies in the context of access control systems. Such policies require an access control system to be resilient to the absence of users. An...