Artificial Intelligence
ACM Transactions on Information and System Security (TISSEC)
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Multi-Terminal Binary Decision Diagrams: An Efficient DataStructure for Matrix Representation
Formal Methods in System Design
A propositional policy algebra for access control
ACM Transactions on Information and System Security (TISSEC)
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!
Proceedings of the eleventh ACM symposium on Access control models and technologies
Methods and limitations of security policy reconciliation
ACM Transactions on Information and System Security (TISSEC)
A simple and expressive semantic framework for policy composition in access control
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Learning to order BDD variables in verification
Journal of Artificial Intelligence Research
Data protection models for service provisioning in the cloud
Proceedings of the 15th ACM symposium on Access control models and technologies
Access control via belnap logic: Intuitive, expressive, and analyzable policy composition
ACM Transactions on Information and System Security (TISSEC)
xfACL: an extensible functional language for access control
Proceedings of the 16th ACM symposium on Access control models and technologies
Anomaly discovery and resolution in web access control policies
Proceedings of the 16th ACM symposium on Access control models and technologies
Survey Paper: A survey on policy languages in network and security management
Computer Networks: The International Journal of Computer and Telecommunications Networking
City on the Sky: Extending XACML for Flexible, Secure Data Sharing on the Cloud
Journal of Grid Computing
PTaCL: a language for attribute-based access control in open systems
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Spectrum access policy reasoning for policy-based cognitive radios
Computer Networks: The International Journal of Computer and Telecommunications Networking
Ensuring continuous compliance through reconciling policy with usage
Proceedings of the 18th ACM symposium on Access control models and technologies
Verification and enforcement of access control policies
Formal Methods in System Design
Hi-index | 0.00 |
Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computing, often require integrating access control policies of collaborating parties. Such an integration must be able to support complex authorization specifications and the fine-grained integration requirements that the various parties may have. In this paper, we introduce an algebra for fine-grained integration of sophisticated policies. The algebra, which consists of three binary and two unary operations, is able to support the specification of a large variety of integration constraints. To assess the expressive power of our algebra, we introduce a notion of completeness and prove that our algebra is complete with respect to this notion. We then propose a framework that uses the algebra for the fine-grained integration of policies expressed in XACML. We also present a methodology for generating the actual integrated XACML policy, based on the notion of Multi-Terminal Binary Decision Diagrams.