We present a system, BLF, that combines an authorization logic based on the Binder language with a logical framework, LF, able to express semantic properties of programs. BLF is a...
Access control mechanisms are widely used with the intent of enforcing confidentiality and other policies, but few formal connections have been made between information flow and...
Provenance access control has been recognized as one of the most important components in an enterprise-level provenance system. However, it has only received little attention in th...
Qun Ni, Shouhuai Xu, Elisa Bertino, Ravi S. Sandhu...
DKAL is a new declarative authorization language for distributed systems. It is based on existential fixed-point logic and is considerably more expressive than existing authoriza...
The implementation of security principles, like least privilege, in a software architecture is difficult, as no systematic rules on how to apply them in practice exist. As a resu...