Optimistic security: a new access control paradigm
Proceedings of the 1999 workshop on New security paradigms
Managing access control policies using access control spaces
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A new dimension in access control: studying maintenance engineering across organizational boundaries
CSCW '02 Proceedings of the 2002 ACM conference on Computer supported cooperative work
Power and Permission in Security Systems
Proceedings of the 7th International Workshop on Security Protocols
Using Authority Certificates to Create Management Structures
Revised Papers from the 9th International Workshop on Security Protocols
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Enforcing well-formed and partially-formed transactions for Unix
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Computer-supported access control
ACM Transactions on Computer-Human Interaction (TOCHI)
A calculus for the qualitative risk assessment of policy override authorization
Proceedings of the 3rd international conference on Security of information and networks
Protecting privacy during peer-to-peer exchange of medical documents
Information Systems Frontiers
Provenance as a security control
TaPP'12 Proceedings of the 4th USENIX conference on Theory and Practice of Provenance
Proceedings of the 8h ACM symposium on QoS and security for wireless and mobile networks
Generic support for RBAC break-glass policies in process-aware information systems
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Hi-index | 0.00 |
Because it is difficult to predict access needs in advance and the limitations of formal policy languages it is difficult to completely define an access control policy ahead of the actual use. We suggest the use of an policy language which allows for override of denied access in some cases for increased flexibility. The overrides should be audited and we suggest that the access control policy can be used for finding the people who should perform the audit.