We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. Our secondary and approximate authorization model (...
The processing of data is often restricted by contractual and legal requirements for protecting privacy and IPRs. Policies provide means to control how and by whom data is processe...
A new model for representing temporal access control policies is introduced. In this model, temporal authorizations are represented by time attributes associated with both subjects...
Francis B. Afinidad, Timothy E. Levin, Cynthia E. ...
Usage control is a generalization of access control that also addresses how data is used after it is released. We present a formal model for different mechanisms that can enforce ...
Alexander Pretschner, Manuel Hilty, David A. Basin...
Modern enterprise systems support Role-Based Access Control (RBAC). Although RBAC allows restricting access to privileged operations, a deployer may actually intend to restrict ac...
Paolina Centonze, Gleb Naumovich, Stephen J. Fink,...