It has been recognized for some time that software alone does not provide an adequate foundation for building a high-assurance trusted platform. The emergence of industry-standard...
Electronic transactions regularly occur between business partners in separate security domains. Trust negotiation is an approach that provides an open authentication and access-co...
Tatyana Ryutov, Li Zhou, B. Clifford Neuman, Travi...
In traditional access control models like MAC, DAC, and RBAC, authorization decisions are determined according to identities of subjects and objects, which are authenticated by a ...
This paper presents a framework for verifying the access control requirements of real-time application systems such as workflow management systems and active databases. The tempor...
Basit Shafiq, Ammar Masood, James Joshi, Arif Ghaf...
— We provide a novel trace semantics for positive core XPath that exposes all intermediate nodes visited by the query engine. This enables a detailed analysis of all information ...
An apparently prevailing myth is that safety is undecidable in Discretionary Access Control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decid...
Access control software must be based on a security policy model. Flaws in them may come from a lack of precision or some incoherences in the policy model or from inconsistencies ...
Role-Based Access Control (RBAC) models have emerged as a leading access control approach for today’s information systems. Hybrid role hierarchies introduced in the Generalized ...
Context is a key factor in making make access control decision in modern information system. But a formal context model is needed to guide research of implementation of Context-se...
Laboratory information systems (LIMS) are used in life science research to manage complex experiments. Since LIMS systems are often shared by different research groups, powerful a...