Selective and locally controlled transport of privileges
ACM Transactions on Programming Languages and Systems (TOPLAS) - Lecture notes in computer science Vol. 174
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
Operating System Structures to Support Security and Reliable Software
ACM Computing Surveys (CSUR)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Protection in operating systems
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Capability-Based Computer Systems
Capability-Based Computer Systems
Cryptography and data security
Cryptography and data security
Authentication and revocation in SPM extended abstract
ACM SIGOPS Operating Systems Review
Extending the Schematic Protection Model II: revocation
ACM SIGOPS Operating Systems Review
Towards a task-based paradigm for flexible and adaptable access control in distributed applications
NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
On the decidability of accessibility problems (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
An access control model for simplifying constraint expression
Proceedings of the 7th ACM conference on Computer and communications security
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
A service architecture for mobile teamwork
SEKE '02 Proceedings of the 14th international conference on Software engineering and knowledge engineering
An Access Control Model and Its Use in Representing Mental Health Application Access Policy
IEEE Transactions on Knowledge and Data Engineering
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
An attribute-based access matrix model
Proceedings of the 2005 ACM symposium on Applied computing
Safety analysis of usage control authorization models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
A review of information security issues and respective research contributions
ACM SIGMIS Database
Resiliency Policies in Access Control
ACM Transactions on Information and System Security (TISSEC)
Towards formal security analysis of GTRBAC using timed automata
Proceedings of the 14th ACM symposium on Access control models and technologies
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Proactive defense of insider threats through authorization management
Proceedings of 2011 international workshop on Ubiquitous affective awareness and intelligent interaction
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Discretionary capability confinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Unifying decidability results on protection systems using simulations
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
| Hi-index | 0.01 |
The protection state of a system is defined by the privileges possessed by subjects at a given moment. Operations that change this state are themselves authorized by the current state. This poses a design problem in constructing the initial state so that all derivable states conform to a particular policy. It also raises an analysis problem of characterizing the protection states derivable from a given initial state. A protection model provides a framework for both design and analysis. Design generality and tractable analysis are inherently conflicting goals. Analysis is particularly difficult if creation of subjects is permitted. The schematic protection model resolves this conflict by classifying subjects and objects into protection types. The privileges possessed by a subject consist of a type-determined part specified by a static protection scheme and a dynamic part consisting of tickets (capabilities). It is shown that analysis is tractable for this model provided certain restrictions are imposed on subject creation. A scheme authorizes creation of subjects via a binary relation on subject types. Our principal constraint is that this relation be acyclic, excepting loops that authorize a subject to create subjects of its own type. Our assumptions admit a variety of useful systems.