The validation of enterprise authorization specification for conformance to enterprise security policies requires an out-of-band framework in many situations since the enforcing a...
Abstract--Current Network Access Control (NAC) technologies manage the access of new devices into a network to prevent rogue devices from attacking network hosts or services. Typic...
In this paper, we present a mandatory access control system that uses input from multiple stakeholders to compose policies based on runtime information. In the emerging ubiquitous...
Usage control is a generalization of access control that also addresses how data is used after it is released. We present a formal model for different mechanisms that can enforce ...
Alexander Pretschner, Manuel Hilty, David A. Basin...
Modern enterprise systems support Role-Based Access Control (RBAC). Although RBAC allows restricting access to privileged operations, a deployer may actually intend to restrict ac...
Paolina Centonze, Gleb Naumovich, Stephen J. Fink,...