Making correct access-control decisions is central to security, which in turn requires accounting correctly for the identity, credentials, roles, authority, and privileges of users...
Thumrongsak Kosiyatrakul, Susan Older, Shiu-Kai Ch...
We introduce the RT framework, a family of Rolebased Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths o...
Ninghui Li, John C. Mitchell, William H. Winsborou...
Abstract. Managing access control policies in modern computer systems can be challenging and error-prone. Combining multiple disparate access policies can introduce unintended cons...
XACML has emerged as a popular access control language on the Web, but because of its rich expressiveness, it has proved difficult to analyze in an automated fashion. In this pape...
One of the major threats that an enterprise Information system networks are facing today is the Insider threat. As part of the Insider Threat study, lack of an effective access co...