This paper presents a language, based on transaction logic, for specifying dynamic authorisation policies, i.e., rules governing actions that may depend on and update the authoris...
This paper discusses a potential security issue in common operating system and application environments regarding dynamically attached devices and device interfaces. A set of coun...
We study the specification of access control policy in large-scale distributed systems. Our work on real-world policies has shown that standard policy idioms such as role hierarc...
As pervasive environments become more commonplace, the privacy of users is placed at increased risk. The numerous and diverse sensors in these environments can record users’ cont...
Apu Kapadia, Tristan Henderson, Jeffrey J. Fieldin...
Multilevel security policies aim at only confidentiality assurance, with less consideration on integrity assurance and weakness in expressing channel control policies. Besides, the...