Combining access control with weakly consistent replication presents a challenge if the resulting system is to support eventual consistency. If authorization policy can be tempora...
Ted Wobber, Thomas L. Rodeheffer, Douglas B. Terry
We describe asasp, a symbolic reachability procedure for the analysis of administrative access control policies. The tool represents access policies and their administrative action...
Francesco Alberti, Alessandro Armando, Silvio Rani...
Current firewall configuration languages have no well founded semantics. Each firewall implements its own algorithm that parses specific proprietary languages. The main conseq...
Controlled Query Evaluation (CQE) defines a logical framework to protect confidential information in a database. By modeling a user's a priori knowledge appropriately, a CQE ...
Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity ...
Indrajit Roy, Donald E. Porter, Michael D. Bond, K...