Formal languages for policy have been developed for access control and conformance checking. In this paper, we describe a formalism that combines features that have been developed...
Nikhil Dinesh, Aravind K. Joshi, Insup Lee, Oleg S...
Making correct access-control decisions is central to security, which in turn requires accounting correctly for the identity, credentials, roles, authority, and privileges of users...
Thumrongsak Kosiyatrakul, Susan Older, Shiu-Kai Ch...
A major drawback of existing access control systems is that they have all been developed with a specific access control policy in mind. This means that all protection requirement...
Sushil Jajodia, Pierangela Samarati, V. S. Subrahm...
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and...
Konstantin Beznosov, Yi Deng, Bob Blakley, C. Burt...
If access control policy decision points are not neatly separated from the business logic of a system, the evolution of a security policy likely leads to the necessity of changing...
Yves Le Traon, Tejeddine Mouelhi, Alexander Pretsc...