Fine-grained and expressive access control policies on application resources need to be enforced in applicationlevel code. Uniformly enforcing a single policy (referred to as the ...
Tine Verhanneman, Frank Piessens, Bart De Win, Wou...
This paper studies the problem of securing information release in dynamic languages. We propose (i) an intuitive framework for information-release policies expressing both what ca...
In a policy-based system, policy goals are described with respect to network entities (e.g., networks and users) instead of enforcement points (e.g., firewalls and routers). This ...
Abstract. An important goal of security in information systems is confidentiality. A confidentiality policy specifies which users should be forbidden to acquire what kind of inform...
We present an iterative algorithm for enforcing policies represented in a first-order logic, which can, in particular, express all transmission-related clauses in the HIPAA Priva...