Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Protection in an information processing utility
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
The Design and Analysis of Computer Algorithms
The Design and Analysis of Computer Algorithms
ACM SIGOPS Operating Systems Review
ACM '73 Proceedings of the ACM annual conference
Protection in programmed systems.
Protection in programmed systems.
Cops--a protection mechanism for computer systems.
Cops--a protection mechanism for computer systems.
Formal languages and their relation to automata
Formal languages and their relation to automata
Selective and locally controlled transport of privileges
ACM Transactions on Programming Languages and Systems (TOPLAS) - Lecture notes in computer science Vol. 174
The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
A formal protection model of security in centralized, parallel, and distributed systems
ACM Transactions on Computer Systems (TOCS)
ACM SIGMOD Record - Directions for future database research & development
A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
Redundant rights in protection systems
ACM SIGOPS Operating Systems Review
Does licensing require new access control techniques?
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Does licensing require new access control techniques?
Communications of the ACM
Untransferable rights in a client-independent server environment
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
Achieving Rights Untransferability with Client-Independent Servers
Designs, Codes and Cryptography
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Role-based access control and distributed object-based enterprise computing
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Towards a task-based paradigm for flexible and adaptable access control in distributed applications
NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
Computer security by redefining what a computer is
NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Discussion topic: what is the old security paradigm?
Proceedings of the 1998 workshop on New security paradigms
Embedding security policies into a distributed computing environment
ACM SIGOPS Operating Systems Review
On the increasing importance of constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Dynamic rights: safe extensible access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
ACM Transactions on Database Systems (TODS)
On the decidability of accessibility problems (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Rebuttal to the NIST RBAC model proposal
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Integrated constraints and inheritance in DTAC
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
An access control model for simplifying constraint expression
Proceedings of the 7th ACM conference on Computer and communications security
ACM Computing Surveys (CSUR)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Security models for web-based applications
Communications of the ACM
Value conflicts and social choice in electronic funds transfer system developments
Communications of the ACM
A graphical definition of authorization schema in the DTAC model
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Managing access control complexity using metrices
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Reflective authorization systems: possibilities, benefits, and drawbacks
Secure Internet programming
ACM SIGOPS Operating Systems Review
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Role-based access control and the access control matrix
ACM SIGOPS Operating Systems Review
Managing access control policies using access control spaces
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A task-based security model to facilitate collaboration in trusted multi-agency networks
Proceedings of the 2002 ACM symposium on Applied computing
Bracket capabilities for distributed systems security
ACSC '02 Proceedings of the twenty-fifth Australasian conference on Computer science - Volume 4
Opsis: a distributed object architecture based on bracket capabilities
CRPIT '02 Proceedings of the Fortieth International Conference on Tools Pacific: Objects for internet, mobile and embedded applications
Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military
IEEE Annals of the History of Computing
Education in Information Security
IEEE Concurrency
An Analysis of Access Control Models
ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
Resolving Conflicts in Authorization Delegations
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Providing Fine-grained Access Control for Java Programs
ECOOP '99 Proceedings of the 13th European Conference on Object-Oriented Programming
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Decidability of Safety in Graph-Based Models for Access Control
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
An Access Control Model for Tree Data Structures
ISC '02 Proceedings of the 5th International Conference on Information Security
Information Flow Control among Objects in Role-Based Access Control Model
DEXA '01 Proceedings of the 12th International Conference on Database and Expert Systems Applications
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
A security model for distributed product data management system
Computers in Industry - Advanced web technologies for industrial applications
Manageable access control for CORBA
Journal of Computer Security - Special issue on ESORICS 2000
Survey of recent operating systems research, designs and implementations
ACM SIGOPS Operating Systems Review
Some security principles and their application to computer security
ACM SIGOPS Operating Systems Review
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Key assignment for enforcing access control policy exceptions in distributed systems
Information Sciences: an International Journal
A top-down, laboratory based operating system course
SIGCSE '77 Proceedings of the seventh SIGCSE technical symposium on Computer science education
The Lattice Security Model In A Public Computing Network
ACM '78 Proceedings of the 1978 annual conference
Analysis of computing protection structures by means of multi-valued logic systems
MVL '78 Proceedings of the eighth international symposium on Multiple-valued logic
On the synthesis and analysis of protection systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
The transfer of information and authority in a protection system
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Language features for process interaction
Proceedings of an ACM conference on Language design for reliable software
Flexible enterprise access control with object-oriented view specification
ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A State-Transition Model of Trust Management and Access Control
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
A unified security framework for networked applications
Proceedings of the 2003 ACM symposium on Applied computing
Value conflicts and social choice in electronic funds transfer system developments
ACM SIGCAS Computers and Society
Modeling and detecting the cascade vulnerability problem using soft constraints
Proceedings of the 2004 ACM symposium on Applied computing
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Access control systems: from host-centric to network-centric computing
IBM Systems Journal
The extended access matrix model of computer security
ACM SIGSOFT Software Engineering Notes - Proceedings of VERkshop III -- a formal verification workshop
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
A compositional framework for access control policies enforcement
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Modeling insecurity: policy engineering for survivability
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Automatic discovery of API-level exploits
Proceedings of the 27th international conference on Software engineering
Preventing information leakage within workflows that execute among competing organizations
Journal of Systems and Software - Special issue: Software engineering education and training
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
An attribute-based access matrix model
Proceedings of the 2005 ACM symposium on Applied computing
DRM, trusted computing and operating system architecture
ACSW Frontiers '05 Proceedings of the 2005 Australasian workshop on Grid computing and e-research - Volume 44
Understanding and developing role-based administrative models
Proceedings of the 12th ACM conference on Computer and communications security
Applying hierarchical and role-based access control to XML documents
SWS '04 Proceedings of the 2004 workshop on Secure web service
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Safety analysis of usage control authorization models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
NETRA:: seeing through access control
Proceedings of the fourth ACM workshop on Formal methods in security
An extended RBAC profile of XACML
Proceedings of the 3rd ACM workshop on Secure web services
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
A review of information security issues and respective research contributions
ACM SIGMIS Database
Homeviews: peer-to-peer middleware for personal data sharing applications
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Engineering Trust Management into Software Models
MISE '07 Proceedings of the International Workshop on Modeling in Software Engineering
On the Decidability of the Safety Problem for Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Formal Models of Capability-Based Protection Systems
IEEE Transactions on Computers
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Analysis of three multilevel security architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
On complexity of grammars related to the safety problem
Theoretical Computer Science
A dynamic key management solution to access hierarchy
International Journal of Network Management
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Usage control platformization via trustworthy SELinux
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A theory for comparing the expressive power of access control models
Journal of Computer Security
Enforcing security properties in task-based systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
Patterns for session-based access control
Proceedings of the 2006 conference on Pattern languages of programs
Describing access control models as design patterns using roles
Proceedings of the 2006 conference on Pattern languages of programs
Pattern-Based Transformation Rules for Developing Interaction Models of Access Control Systems
ICSR '08 Proceedings of the 10th international conference on Software Reuse: High Confidence Software Reuse in Large Systems
Specifying Intrusion Detection and Reaction Policies: An Application of Deontic Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
Leftist Grammars Are Non-primitive Recursive
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
The CRUTIAL Architecture for Critical Information Infrastructures
Architecting Dependable Systems V
Patterns and Pattern Diagrams for Access Control
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A Logical Approach to Dynamic Role-Based Access Control
AIMSA '08 Proceedings of the 13th international conference on Artificial Intelligence: Methodology, Systems, and Applications
Verified Protection Model of the seL4 Microkernel
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
A formal framework for reflective database access control policies
Proceedings of the 15th ACM conference on Computer and communications security
A formal security policy for xenon
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Stale-safe security properties for group-based secure information sharing
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Parameterized access control: from design to prototype
Proceedings of the 4th international conference on Security and privacy in communication netowrks
A security policy for a profile-oriented operating system
AFIPS '81 Proceedings of the May 4-7, 1981, national computer conference
Dynamic, context-aware, least-privilege grid delegation
GRID '07 Proceedings of the 8th IEEE/ACM International Conference on Grid Computing
Resiliency Policies in Access Control
ACM Transactions on Information and System Security (TISSEC)
Requirements-based Access Control Analysis and Policy Specification (ReCAPS)
Information and Software Technology
A secure collaborative web-based environment for virtual organisations
International Journal of Web Based Communities
Security architecture for virtual organizations of business web services
Journal of Systems Architecture: the EUROMICRO Journal
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Toward practical analysis for trust management policy
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
A conceptual framework for Group-Centric secure information sharing
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Safety in discretionary access control for logic-based publish-subscribe systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards formal security analysis of GTRBAC using timed automata
Proceedings of the 14th ACM symposium on Access control models and technologies
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
Trading in risk: using markets to improve access control
Proceedings of the 2008 workshop on New security paradigms
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
A Verified Shared Capability Model
Electronic Notes in Theoretical Computer Science (ENTCS)
The epistemology of computer security
ACM SIGSOFT Software Engineering Notes
Data base security: requirements, policies, and models
IBM Systems Journal
Towards an Approach of Semantic Access Control for Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Collaborative management of web ontology data with flexible access control
Expert Systems with Applications: An International Journal
Injecting a permission-based delegation model to secure web-based workflow systems
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
What is the shape of your security policy?: security as a classification problem
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Authentication and access control using trust collaboration in pervasive grid environments
GPC'07 Proceedings of the 2nd international conference on Advances in grid and pervasive computing
A composite-service authorization prediction platform for grid environment
CDVE'07 Proceedings of the 4th international conference on Cooperative design, visualization, and engineering
A unified conflict resolution algorithm
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Multi-layer audit of access rights
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Refinement for administrative policies
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
An architecture for enforcing end-to-end access control over web applications
Proceedings of the 15th ACM symposium on Access control models and technologies
Strong and weak policy relations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Analyzing uncertainty in TG protection graphs with TG/MC
Journal of Computer Security
Multi-domain trust management in variable-threat environments: a user-centric model
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Intellectual intrusion detection with sequences alignment methods
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
User-role reachability analysis of evolving administrative role based access control
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Intrusion detection and security policy framework for distributed environments
CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
Security policies in distributed CSCW and workflow systems
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Making Linux protection mechanisms egalitarian with UserFS
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Security rules versus security properties
ICISS'10 Proceedings of the 6th international conference on Information systems security
Proceedings of the first ACM conference on Data and application security and privacy
An empirical assessment of approaches to distributed enforcement in role-based access control (RBAC)
Proceedings of the first ACM conference on Data and application security and privacy
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Automatic conformance checking of role-based access control policies via alloy
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Authorization enforcement usability case study
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Goals for computer security education
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Concerning "Modeling" of computer security
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Security framework for integrated networks
MILCOM'03 Proceedings of the 2003 IEEE conference on Military communications - Volume II
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Transactions on computational science XI
A practical formal model for safety analysis in capability-based systems
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
An authorization scheme for version control systems
Proceedings of the 16th ACM symposium on Access control models and technologies
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
A feature-based approach for modeling role-based access control systems
Journal of Systems and Software
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
An auto-delegation mechanism for access control systems
STM'10 Proceedings of the 6th international conference on Security and trust management
Conformance checking of dynamic access control policies
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Eyeing your exposure: quantifying and controlling information sharing for improved privacy
Proceedings of the Seventh Symposium on Usable Privacy and Security
Discretionary and mandatory controls for role-based administration
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
From business process choreography to authorization policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
On complexity of grammars related to the safety problem
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Using contextual security policies for threat response
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
User-managed access control for health care systems
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
UCONLEGAL: a usage control model for HIPAA
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
A dynamic access control model
Applied Intelligence
A verifiable modeling approach to configurable role-based access control
FASE'10 Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
A formal privacy system and its application to location based services
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Revocation of obligation and authorisation policy objects
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Context-Aware access control mechanism for ubiquitous applications
AWIC'05 Proceedings of the Third international conference on Advances in Web Intelligence
Leftist grammars and the chomsky hierarchy
FCT'05 Proceedings of the 15th international conference on Fundamentals of Computation Theory
Safety problems in access control with temporal constraints
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Hybrid authorizations and conflict resolution
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
ICGT'06 Proceedings of the Third international conference on Graph Transformations
FORBAC: a flexible organisation and role-based access control model for secure information systems
ADVIS'06 Proceedings of the 4th international conference on Advances in Information Systems
The complexity of discretionary access control
IWSEC'06 Proceedings of the 1st international conference on Security
Visualizing privacy implications of access control policies in social network systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Flow based interpretation of access control: detection of illegal information flows
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Unifying decidability results on protection systems using simulations
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
A visualization tool for evaluating access control policies in facebook-style social network systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Risk-Based auto-delegation for probabilistic availability
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
PTaCL: a language for attribute-based access control in open systems
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Information systems security: Scope, state-of-the-art, and evaluation of techniques
International Journal of Information Management: The Journal for Information Professionals
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
A framework for the modular specification and orchestration of authorization policies
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Automated analysis of infinite state workflows with access control policies
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
On XACML's adequacy to specify and to enforce HIPAA
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
OSDM: an organizational supervised delegation model for RBAC
ISC'12 Proceedings of the 15th international conference on Information Security
The need for application-aware access control evaluation
Proceedings of the 2012 workshop on New security paradigms
Heuristic safety analysis of access control models
Proceedings of the 18th ACM symposium on Access control models and technologies
Ensuring continuous compliance through reconciling policy with usage
Proceedings of the 18th ACM symposium on Access control models and technologies
Proceedings of the 18th ACM symposium on Access control models and technologies
Property-testing real-world authorization systems
Proceedings of the 18th ACM symposium on Access control models and technologies
Mandatory access control with a multi-level reference monitor: PIGA-cluster
Proceedings of the first workshop on Changing landscapes in HPC security
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
Formal verification of security properties in trust management policy
Journal of Computer Security
| Hi-index | 48.27 |
A model of protection mechanisms in computing systems is presented and its appropriateness is argued. The “safety” problem for protection systems under this model is to determine in a given situation whether a subject can acquire a particular right to an object. In restricted cases, it can be shown that this problem is decidable, i.e. there is an algorithm to determine whether a system in a particular configuration is safe. In general, and under surprisingly weak assumptions, it cannot be decided if a situation is safe. Various implications of this fact are discussed.