Sciweavers

IFIP
2009
Springer
13 years 7 months ago
Model Checking of Security-Sensitive Business Processes
Security-sensitive business processes are business processes that must comply with security requirements (e.g. authorization constraints). In previous works it has been shown that ...
Alessandro Armando, Serena Elisa Ponta
SERP
2010
13 years 7 months ago
Towards Automatic Integration of Or-BAC Security Policies Using Aspects
We propose a formal method to automatically integrate security rules regarding an access control policy (expressed in Or-BAC) in Java programs. Given an untrusted application and a...
Yliès Falcone, Mohamad Jaber
ICICS
2010
Springer
13 years 7 months ago
Fine-Grained Disclosure of Access Policies
Abstract. In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (cert...
Claudio Agostino Ardagna, Sabrina De Capitani di V...
RBAC
1997
234views more  RBAC 1997»
13 years 10 months ago
Comparing simple role based access control models and access control lists
The RBAC metaphor is powerful in its ability to express access control policy in terms of the way in which administrators view organizations. The functionality of simple Role Base...
John F. Barkley
IWFM
2000
167views Formal Methods» more  IWFM 2000»
13 years 10 months ago
An Algebraic Basis for Specifying and Enforcing Access Control in Security Systems
Security services in a multi-user environment are often based on access control mechanisms. Static of an access control policy can be formalised using abstract algebraic models. W...
Claus Pahl
DBSEC
2006
122views Database» more  DBSEC 2006»
13 years 10 months ago
Term Rewriting for Access Control
We demonstrate how access control models and policies can be represented by using term rewriting systems, and how rewriting may be used for evaluating access requests and for provi...
Steve Barker, Maribel Fernández
DBSEC
2007
121views Database» more  DBSEC 2007»
13 years 10 months ago
XACML Policies for Exclusive Resource Usage
The extensible access control markup language (XACML) is the standard access control policy specification language of the World Wide Web. XACML does not provide exclusive accesse...
Vijayant Dhankhar, Saket Kaushik, Duminda Wijeseke...
DNIS
2010
Springer
240views Database» more  DNIS 2010»
14 years 20 days ago
AccKW: An Efficient Access Control Scheme for Keyword-Based Search over RDBMS
Access control for relational databases is a well researched area. An SQL query is allowed or denied access to database according to the specified access control policy. On the oth...
Vikram Goyal, Ashish Sureka, Sangeeta Lal
DASC
2006
IEEE
14 years 1 months ago
Runtime Security Verification for Itinerary-Driven Mobile Agents
We present a new approach to ensure the secure execution of itinerary-driven mobile agents, in which the specification of the navigational behavior of an agent is separated from t...
Zijiang Yang, Shiyong Lu, Ping Yang
SP
1997
IEEE
134views Security Privacy» more  SP 1997»
14 years 1 months ago
A Logical Language for Expressing Authorizations
A major drawback of existing access control systems is that they have all been developed with a specific access control policy in mind. This means that all protection requirement...
Sushil Jajodia, Pierangela Samarati, V. S. Subrahm...