A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Protection in operating systems
Communications of the ACM
Policy algebras for access control the predicate case
Proceedings of the 9th ACM conference on Computer and communications security
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
Distributed credential chain discovery in trust management
Journal of Computer Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Logical Framework for Querying and Repairing Inconsistent Databases
IEEE Transactions on Knowledge and Data Engineering
Looking Back at the Bell-La Padula Model
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Fine-grained and History-based Access Control with Trust Management for Autonomic Grid Services
ICAS '06 Proceedings of the International Conference on Autonomic and Autonomous Systems
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Audit-based compliance control
International Journal of Information Security
Delegation in role-based access control
International Journal of Information Security
Supporting selective information sharing with people-tagging
CHI '08 Extended Abstracts on Human Factors in Computing Systems
Synthesising verified access control systems through model checking
Journal of Computer Security
RBAC administration in distributed systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Reputation-Based Ontology Alignment for Autonomy and Interoperability in Distributed Access Control
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Usable access control in collaborative environments: authorization based on people-tagging
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A delegation model for extended RBAC
International Journal of Information Security
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
TBA: a hybrid of logic and extensional access control systems
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Dynamic ontology mapping for interacting autonomous systems
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
| Hi-index | 0.00 |
Tag-Based Authorization (TBA) is a hybrid access control model that combines the ease of use of extensional access control models with the expressivity of logic-based formalisms. The main limitation of TBA is that it lacks support for policy administration. More precisely, it does not allow policy-writers to specify administrative policies that constrain the tags that users can assign, and to verify the compliance of assigned tags with these policies. In this paper we introduce TBA2 (Tag-Based Authorization & Administration), an extension of TBA that enables policy administration in distributed systems. We show that TBA2 is more expressive than TBA and than two reference administrative models proposed in the literature, namely HRU and ARBAC97.