Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions a...
Sruthi Bandhakavi, William H. Winsborough, Mariann...
We study the specification of access control policy in large-scale distributed systems. We present Cassandra, a language and system for expressing policy, and the results of a sub...
Abstract—In distributed environments, access control decisions depend on statements of multiple agents rather than only one central trusted party. However, existing policy langua...
Existing authorization mechanisms fail to provide powerful and robust tools for handling security at the scale necessary for today's Internet. These mechanisms are coming unde...
Trust management is a form of access control that uses delegation to achieve scalability beyond a single organization or federation. However, delegation can be difficult to contr...