Role-Based Access Control Models
Computer
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Resource access control in systems of mobile agents
Information and Computation
Types for the ambient calculus
Information and Computation - IFIP TCS2000
Access control for mobile agents: The calculus of boxed ambients
ACM Transactions on Programming Languages and Systems (TOPLAS)
safeDpi: a language for controlling mobile code
Acta Informatica - Special issue: Types in concurrency. Part II , Guest Editor: R. De Nicola, D. Sangiorgi
A bisimulation-based semantic theory of Safe Ambients
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-based access control for a distributed calculus
Journal of Computer Security - Special issue on CSFW17
Theoretical Computer Science - Applied semantics: Selected topics
A Distributed Pi-Calculus
Boxed ambients with communication interfaces
Mathematical Structures in Computer Science
Types for ambient and process mobility†
Mathematical Structures in Computer Science
Role-based access control for boxed ambients
Theoretical Computer Science
Security types for dynamic web data
Theoretical Computer Science
Communication and mobility control in boxed ambients
Information and Computation
Information and Computation
Hi-index | 0.00 |
We introduce a role-based access control calculus for modelling dynamic web data and a corresponding type system. It is an extension of the Xdp calculus proposed by Gardner and Maffeis. In our framework, a network is a parallel composition of locations, where each location contains processes with roles and a data tree whose edges are associated with roles. Processes can communicate, migrate from a location to another, use the data, change the data and the roles in the local tree. In this way, we obtain a model that controls process access to data. We propose a type system which ensures that a specified network policy is respected during computations. Finally, we show that our calculus obeys the following security properties: (1) all data trees and processes with roles in a location agree with the location policy; (2) a process can migrate only to a location with whose policy it agrees; (3) a process with roles can read and modify only data which are accessible to it; (4) a process with roles can enable and disable roles in agreement with the location policy.