Role-based access control (RBAC) is a common paradigm to ensure that users have sufficient rights to perform various system operations. In many cases though, traditional RBAC does ...
Jeffrey Fischer, Daniel Marino, Rupak Majumdar, To...
Traditional security policies largely focus on access control requirements, which specify who can access what under what circumstances. Besides access control requirements, the av...
A high-level security policy states an overall safety requirement for a sensitive task. One example of a high-level security policy is a separation of duty policy, which requires ...
Our society is increasingly moving towards richer forms of information exchange where mobility of processes and devices plays a prominent role. This tendency has prompted the acad...
Adriana B. Compagnoni, Elsa L. Gunter, Philippe Bi...
In authorization-transparent access control, users formulate their queries against the database schema rather than against authorization views that transform and hide data. The Tru...