This paper discusses the development of a methodology for reasoning about properties of security policies. We view a security policy as a special case of regulation which specifi...
With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies...
Carlos Ribeiro, Andre Zuquete, Paulo Ferreira, Pau...
XML access control policies involving updates may contain security flaws, here called inconsistencies, in which a forbidden operation may be simulated by performing a sequence of ...
In this paper we describe the method used to develop a gateway capable of meeting the ITSEC E4 requirements. The security policy was formally modelled and proven consistent with t...
Combining access control with weakly consistent replication presents a challenge if the resulting system is to support eventual consistency. If authorization policy can be tempora...
Ted Wobber, Thomas L. Rodeheffer, Douglas B. Terry