Even though the final objective of an access control model is to provide a framework to decide if actions performed by subjects on objects are permitted or not, it is not convenie...
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (Or...
During interoperability exchanges, organizations are jointly conducting computation and sharing tasks. However, organizations can have different security policies. To guarantee g...
In this paper, we describe a security model where users are allowed to control their obligations partially or totally, depending on the security policy. The main motivation of our...
Current information systems are more and more complex. They require more interactions between different components and users. So, ensuring system security must not be limited to us...