Abstract. Identifying and protecting the trusted computing base (TCB) of a system is an important task, which is typically performed by designing and enforcing a system security po...
Coordinating multiple overlapping defense mechat differing levels of abstraction, is fraught with the potential for misconfiguration, so there is strong motivation to generate p...
Paul Rubel, Michael Ihde, Steven Harp, Charles Pay...
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and...
Konstantin Beznosov, Yi Deng, Bob Blakley, C. Burt...
The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies ...
Adam J. Lee, Jodie P. Boyer, Lars E. Olson, Carl A...
Since the inception of service-oriented computing paradigm, we have witnessed a plethora of services deployed across a broad spectrum of applications, ranging from conventional RP...