Sciweavers

SACMAT
2009
ACM
14 years 5 months ago
A formal framework to elicit roles with business meaning in RBAC systems
The role-based access control (RBAC) model has proven to be cost effective to reduce the complexity and costs of access permission management. To maximize the advantages offered...
Alessandro Colantonio, Roberto Di Pietro, Alberto ...
SACMAT
2009
ACM
14 years 7 months ago
Access control policy combining: theory meets practice
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, and the result of the policy on a request is determined by combining the result...
Ninghui Li, Qihua Wang, Wahbeh H. Qardaji, Elisa B...
SACMAT
2009
ACM
14 years 7 months ago
Automating role-based provisioning by learning from examples
Role-based provisioning has been adopted as a standard component in leading Identity Management products due to its low administration cost. However, the cost of adjusting existin...
Qun Ni, Jorge Lobo, Seraphin B. Calo, Pankaj Rohat...
SACMAT
2009
ACM
14 years 7 months ago
Supporting RBAC with XACML+OWL
XACML does not natively support RBAC and even the specialized XACML profiles are not able to support many relevant constraints such as static and dynamic separation of duty. Exte...
Rodolfo Ferrini, Elisa Bertino
SACMAT
2009
ACM
14 years 7 months ago
Towards formal security analysis of GTRBAC using timed automata
An access control system is often viewed as a state transition system. Given a set of access control policies, a general safety requirement in such a system is to determine whethe...
Samrat Mondal, Shamik Sural, Vijayalakshmi Atluri
SACMAT
2009
ACM
14 years 7 months ago
Trojan horse resistant discretionary access control
Modern operating systems primarily use Discretionary Access Control (DAC) to protect files and other operating system resources. DAC mechanisms are more user-friendly than Mandat...
Ziqing Mao, Ninghui Li, Hong Chen, Xuxian Jiang
SACMAT
2009
ACM
14 years 7 months ago
A semantic web based framework for social network access control
The existence of on-line social networks that include person specific information creates interesting opportunities for various applications ranging from marketing to community o...
Barbara Carminati, Elena Ferrari, Raymond Heatherl...
SACMAT
2009
ACM
14 years 7 months ago
Usability meets access control: challenges and research opportunities
This panel discusses specific challenges in the usability of access control technologies and new opportunities for research. The questions vary from “Why nobody, even experts, ...
Konstantin Beznosov, Philip Inglesant, Jorge Lobo,...
SACMAT
2009
ACM
14 years 7 months ago
xDomain: cross-border proofs of access
A number of research systems have demonstrated the benefits of accompanying each request with a machine-checkable proof that the request complies with access-control policy — a...
Lujo Bauer, Limin Jia, Michael K. Reiter, David Sw...
SACMAT
2009
ACM
14 years 7 months ago
Dynamic mandatory access control for multiple stakeholders
In this paper, we present a mandatory access control system that uses input from multiple stakeholders to compose policies based on runtime information. In the emerging ubiquitous...
Vikhyath Rao, Trent Jaeger