Principles of database and knowledge-base systems, Vol. I
Principles of database and knowledge-base systems, Vol. I
Role-Based Access Control Models
Computer
ACM Computing Surveys (CSUR)
AAAI '99/IAAI '99 Proceedings of the sixteenth national conference on Artificial intelligence and the eleventh Innovative applications of artificial intelligence conference innovative applications of artificial intelligence
Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Active Database Systems: Triggers and Rules for Advanced Database Processing
Active Database Systems: Triggers and Rules for Advanced Database Processing
Formal Specification of Active Database Functionality: A Survey
RIDS '95 Proceedings of the Second International Workshop on Rules in Database Systems
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Role-Based Authorization Constraints Specification Using Object Constraint Language
WETICE '01 Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Formal Characterization of Active Databases
LID '96 Proceedings of the International Workshop on Logic in Databases
Organizations and Collective Obligations
DEXA '00 Proceedings of the 11th International Conference on Database and Expert Systems Applications
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Deriving individual obligations from collective obligations
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Obligation Monitoring in Policy Management
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Provisions and Obligations in Policy Rule Management
Journal of Network and Systems Management
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
On the role of roles: from role-based to role-sensitive access control
Proceedings of the ninth ACM symposium on Access control models and technologies
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
GEO-RBAC: a spatially aware RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Nomad: A Security Model with Non Atomic Actions and Deadlines
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Availability Enforcement by Obligations and Aspects Identification
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
Modeling contextual security policies
International Journal of Information Security
Formalization and Management of Group Obligations
POLICY '09 Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks
An Extended Role-Based Access Control Model for Delegating Obligations
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Obligations and their interaction with programs
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
Obligations are an essential element of security policies since they enable the specification of many security requirements such as availability, privacy, usage control and data protection. In everyday life, the fulfillment of obligations is often the responsibility of more than one subject, e.g., “All patients must be checked by one of the doctors”. Obligations may also be fulfilled in different ways, e.g., “Every customer should pay either in cash or by check”. Current security policy languages do not enable the specification of these intuitive and much needed requirements. In this paper, we show how policy languages can be extended to support the specification of these requirements which we call group obligations. To clarify the semantics of group obligations, we introduce state-based models for both group and individual obligations and show how group obligations can be managed according to change in the state of individual obligations. We formalize the semantics of the model and interactions between individual and group obligations by introducing a policy-enforcement language LE. LE enables the formal description of the application domain and the policy and provides operational semantics for policy management. Moreover, we discuss termination and determinism of policy enforcement in the proposed framework and show how different sanction/reaction policies may be activated when group obligations are violated.