A security policy specifies session participant requirements. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. Thi...
We present a constructive authorization logic where the meanings of connectives are defined by their associated inference rules. This ensures that the logical reading of access c...
This paper presents the Authorization Service provided by Tivoli Policy Director (PD) and its use by PD family members as well as third-party applications. Policies are defined ov...
This paper introduces the PeerAccess framework for reasoning about authorization in open distributed systems, and shows how a parameterization of the framework can be used to reas...
Marianne Winslett, Charles C. Zhang, Piero A. Bona...
Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions a...
Sruthi Bandhakavi, William H. Winsborough, Mariann...