We study the specification of access control policy in large-scale distributed systems. Our work on real-world policies has shown that standard policy idioms such as role hierarc...
Owners of systems and resources usually want to control who can access them. This must be based on having a process for authorising certain parties, combined with mechanisms for e...
The RBAC96 access control model has been the basis for extensive work on role-based constraint specification and role-based delegation. However, these practical extensions can als...
Trust management represents today a promising approach for supporting access control in open environments. While several approaches have been proposed for trust management and sig...
Sabrina De Capitani di Vimercati, Sushil Jajodia, ...
We introduce the RT framework, a family of Rolebased Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths o...
Ninghui Li, John C. Mitchell, William H. Winsborou...