In a policy-based system, policy goals are described with respect to network entities (e.g., networks and users) instead of enforcement points (e.g., firewalls and routers). This ...
We present a discretionary access control framework that can be used to control a principal’s ability to link information from two or more audit records and compromise a user’...
Achieving data security over cooperating web services is becoming a reality, but existing XML access control architectures do not consider this federated service computing. In this...
Erwin Leonardi, Sourav S. Bhowmick, Mizuho Iwaihar...
Obligation Policies specify management actions that must be performed when a particular kind of event occurs and certain conditions are satisfied. Large scale distributed systems...
Abstract. In the area of networks, a common method to enforce a security policy expressed in a high-level language is based on an ad-hoc and manual rewriting process [24]. We argue...