Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Data Provenance: Some Basic Issues
FST TCS 2000 Proceedings of the 20th Conference on Foundations of Software Technology and Theoretical Computer Science
On Modelling Access Policies: Relating Roles to their Organisational Context
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Introducing secure provenance: problems and challenges
Proceedings of the 2007 ACM workshop on Storage security and survivability
Expandable grids for visualizing and authoring computer security policies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
An Approach for Generation of J2EE Access Control Configurations from Requirements Specification
QSIC '08 Proceedings of the 2008 The Eighth International Conference on Quality Software
Validating Access Control Configurations in J2EE Applications
CBSE '08 Proceedings of the 11th International Symposium on Component-Based Software Engineering
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
An Access Control Language for a General Provenance Model
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Scenario-Driven Role Engineering
IEEE Security and Privacy
A comparison of security requirements engineering methods
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
A language for provenance access control
Proceedings of the first ACM conference on Data and application security and privacy
Towards accuracy of role-based access control configurations in component-based systems
Journal of Systems Architecture: the EUROMICRO Journal
PrIMe: A methodology for developing provenance-aware applications
ACM Transactions on Software Engineering and Methodology (TOSEM)
OPQL: A First OPM-Level Query Language for Scientific Workflow Provenance
SCC '11 Proceedings of the 2011 IEEE International Conference on Services Computing
Dependency path patterns as the foundation of access control in provenance-aware systems
TaPP'12 Proceedings of the 4th USENIX conference on Theory and Practice of Provenance
A provenance-based access control model
PST '12 Proceedings of the 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)
| Hi-index | 0.00 |
Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.