We propose two extensions to the SQL grant/revoke security model. In SQL, grants are unconditional, so the grantor must simply trust the recipient's discretion. We allow a gr...
We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making...
Alessandro Colantonio, Roberto Di Pietro, Alberto ...
Storage-area networks are a popular and efficient way of building large storage systems both in an enterprise environment and for multi-domain storage service providers. In both en...
Benjamin Aziz, Simon N. Foley, John Herbert, Garre...
Real-time update of access control policies, that is, updating policies while they are in effect and enforcing the changes immediately, is necessary for many security-critical appl...
Abstract. Controlled Query Evaluation (CQE) offers a logical framework to prevent a user of a database from inadvertently gaining knowledge he is not allowed to know. By modeling t...