Combinatory reduction systems: introduction and survey
Theoretical Computer Science - A collection of contributions in honour of Corrado Bo¨hm on the occasion of his 70th birthday
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
Authorization specification and enforcement in federated database systems
Journal of Computer Security
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
An Approach for Building Secure Database Federations
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Modular Termination of Term Rewriting Systems Revisited
Selected papers from the 10th Workshop on Specification of Abstract Data Types Joint with the 5th COMPASS Workshop on Recent Trends in Data Type Specification
Jakarta: A Toolset for Reasoning about JavaCard
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Security policy in a declarative style
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
A rewriting-based inference system for the NRL Protocol analyzer and its meta-logical properties
Theoretical Computer Science - Automated reasoning for security protocol analysis
A rewriting framework for the composition of access control policies
Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming
The next 700 access control models or a unifying meta-model?
Proceedings of the 14th ACM symposium on Access control models and technologies
Distributed event-based access control
International Journal of Information and Computer Security
RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Dynamic event-based access control as term rewriting
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
Term rewriting for access control
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
LoT-RBAC: a location and time-based RBAC model
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Category-Based authorisation models: operational semantics and expressive power
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Automated analysis of rule-based access control policies
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
| Hi-index | 0.00 |
We define a metamodel for access control that takes into account the requirements of distributed environments, where resources and access control policies may be distributed across several sites. This distributed metamodel is an extension of the category-based metamodel proposed in previous work (from which standard centralised access control models such as MAC, DAC, RBAC, Bell-Lapadula, etc. can be derived). We use a declarative formalism in order to give an operational semantics to the distributed metamodel. We then show how various distributed access control models can be derived as instances of the distributed metamodel, including distributed models where each site implements a different kind of local access control model.