A lattice model of secure information flow
Communications of the ACM
Lattice-Based Access Control Models
Computer
Amending P3P for Clearer Privacy Promises
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
A logical semantics for feature structures
ACL '86 Proceedings of the 24th annual meeting on Association for Computational Linguistics
Privacy-aware role based access control
Proceedings of the 12th ACM symposium on Access control models and technologies
Formal correctness of conflict detection for firewalls
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
P3P: Making Privacy Policies More Useful
IEEE Security and Privacy
Or Best Offer: A Privacy Policy Negotiation Protocol
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
Strong and Weak Policy Relations
POLICY '09 Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks
Hi-index | 0.00 |
New security and privacy enhancing technologies are demanded in the new information and communication environments where a huge number of computers interact with each other in a distributed and ad hoc manner to access various resources. In this paper, we focus on access control because this is the underlying core technology to enforce security and privacy. Access control decides permit or deny according to access control policies. Since notations of policies are specialized in each system, it is difficult to ensure consistency of policies that are stated in different notations. In this paper, we propose a readable notation for policies by adopting the concept of feature structures, which has mainly been used for parsing in natural language processing. Our proposed notation is also logically well-founded, which guarantees strict access control decisions, and expressive in that it returns not only a binary value of permit or deny but also various result values through the application of partial order relations of the security risk level. We illustrate the effectiveness of our proposed method using examples from P3P.