We study the specification of access control policy in large-scale distributed systems. Our work on real-world policies has shown that standard policy idioms such as role hierarc...
Distributed Role-Based Access Control (dRBAC) is a scalable, decentralized trust-management and accesscontrol mechanism for systems that span multiple administrative domains. dRBA...
Eric Freudenthal, Tracy Pesin, Lawrence Port, Edwa...
A number of research systems have demonstrated the benefits of accompanying each request with a machine-checkable proof that the request complies with access-control policy — a...
Lujo Bauer, Limin Jia, Michael K. Reiter, David Sw...
In this paper, we describe a novel approach to policy-based intrusion detection. The model we propose checks legality of information flows between objects in the system, according...
This paper presents the Authorization Service provided by Tivoli Policy Director (PD) and its use by PD family members as well as third-party applications. Policies are defined ov...