Computer security basics
Role-Based Access Control Models
Computer
Security in computing
An initial assessment of aspect-oriented programming
Proceedings of the 21st international conference on Software engineering
Optimistic security: a new access control paradigm
Proceedings of the 1999 workshop on New security paradigms
Communications of the ACM
A new dimension in access control: studying maintenance engineering across organizational boundaries
CSCW '02 Proceedings of the 2002 ACM conference on Computer supported cooperative work
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
Security Through Aspect-Oriented Programming
Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Role Locks to Prevent Illegal Information Flow among Objects
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
An architecture for privacy-sensitive ubiquitous computing
Proceedings of the 2nd international conference on Mobile systems, applications, and services
Fine-Granularity Access Control in 3-Tier Laboratory Information Systems
IDEAS '05 Proceedings of the 9th International Database Engineering & Application Symposium
Uniform Application-level Access Control Enforcement of Organizationwide Policies
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Computer-supported access control
ACM Transactions on Computer-Human Interaction (TOCHI)
Hi-index | 0.00 |
With the advent of agile programming, lightweight software processes are being favoured over the highly formalised approaches of the past. Likewise, access control may benefit from a less prescriptive approach with an increasing reliance on users to behave ethically. These ideals correlate with optimistic access controls. However, ensuring that users behave in a trustworthy manner may require more than optimistic access controls. This paper investigates the possibility of enhancing optimistic access controls with usage control to ensure that users conduct themselves in a trustworthy manner. Usage control enables finer-grained control over the usage of digital objects than do traditional access control policies and models. Further to ease the development and maintenance of usage control measures, it is posited that it is completely separated from the application logic by using aspect-oriented programming.