Abstract. Majority of the search algorithms in microdata anonymization restrict themselves to a single privacy property and a single criteria to optimize. The solutions obtained ar...
Abstract. We consider the problem of developing an abstract metamodel of access control in terms of which policies for protecting a principal's private information may be spec...
We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making...
Alessandro Colantonio, Roberto Di Pietro, Alberto ...
Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding a...
Abstract. Identifying and protecting the trusted computing base (TCB) of a system is an important task, which is typically performed by designing and enforcing a system security po...
There is an increasing need for sharing data repositories containing personal information across multiple distributed and private databases. However, such data sharing is subject t...
Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control ...
Lars E. Olson, Carl A. Gunter, William R. Cook, Ma...
Abstract. We present a new access control mechanism for P2P networks with distributed enforcement, called P2P Access Control System (PACS). PACS enforces powerful access control mo...
Existing approaches for protecting sensitive information stored (outsourced) at external "honest-but-curious" servers are typically based on an overlying layer of encrypt...
Valentina Ciriani, Sabrina De Capitani di Vimercat...
With the rapid growth in wireless networks and sensor and mobile devices, we are moving towards an era of pervasive computing. Access control is challenging in these environments. ...