This paper introduces the PeerAccess framework for reasoning about authorization in open distributed systems, and shows how a parameterization of the framework can be used to reas...
Marianne Winslett, Charles C. Zhang, Piero A. Bona...
Abstract The expansion of inter-organizational scenarios based on different authorization schemes involves the development of integration solutions allowing different authorizatio...
Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthine...
XACML does not natively support RBAC and even the specialized XACML profiles are not able to support many relevant constraints such as static and dynamic separation of duty. Exte...
We study the specification of access control policy in large-scale distributed systems. We present Cassandra, a language and system for expressing policy, and the results of a sub...