Abstract—In distributed environments, access control decisions depend on statements of multiple agents rather than only one central trusted party. However, existing policy langua...
Traditional Public Key Infrastructures (PKI) have not lived up to their promise because there are too many ways to define PKIs, too many cryptographic primitives to build them wi...
Chris Lesniewski-Laas, Bryan Ford, Jacob Strauss, ...
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and...
Konstantin Beznosov, Yi Deng, Bob Blakley, C. Burt...
Distributed authorization takes into account several elements, including certificates that may be provided by non-local actors. While most trust management systems treat all asse...
Christian Skalka, Xiaoyang Sean Wang, Peter C. Cha...
We consider the problem of statically verifying the conformance of the code of a system to an explicit authorization policy. In a distributed setting, some part of the system may ...