Foundations of logic programming; (2nd extended ed.)
Foundations of logic programming; (2nd extended ed.)
Principles of database and knowledge-base systems, Vol. I
Principles of database and knowledge-base systems, Vol. I
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Equivalence, query-reachability and satisfiability in Datalog extensions
PODS '93 Proceedings of the twelfth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Database security
Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation: volume I. foundations
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Handbook of graph grammars and computing by graph transformation: vol. 2: applications, languages, and tools
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Starburst Mid-Flight: As the Dust Clears
IEEE Transactions on Knowledge and Data Engineering
COMPLEX: An Object-Oriented Logic Programming System
IEEE Transactions on Knowledge and Data Engineering
A Model for Evaluation and Administration of Security in Object-Oriented Databases
IEEE Transactions on Knowledge and Data Engineering
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
A Content-Based Authorization Model for Digital Libraries
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Formal Model for Role-Based Access Control Using Graph Transformation
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
PROGRESS: A VHL-Language Based on Graph Grammars
Proceedings of the 4th International Workshop on Graph-Grammars and Their Application to Computer Science
Dactl: An Experimental Graph Rewriting Language
Proceedings of the 4th International Workshop on Graph-Grammars and Their Application to Computer Science
A System to Specify and Manage Multipolicy Access Control Models
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Security for Object-Oriented Database Systems
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Petri net based safety analysis of workflow authorization models^1
Journal of Computer Security
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
On classifying access control implementations for distributed systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Presto Authorization: A Bitmap Indexing Scheme for High-Speed Access Control to XML Documents
IEEE Transactions on Knowledge and Data Engineering
An extended RBAC profile of XACML
Proceedings of the 3rd ACM workshop on Secure web services
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
SecureBus: towards application-transparent trusted computing with mandatory access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
A Trust- and Property-based Access Control Model
Electronic Notes in Theoretical Computer Science (ENTCS)
Capturing industry experience for an effective information security assessment
International Journal of Information Systems and Change Management
A theory for comparing the expressive power of access control models
Journal of Computer Security
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Towards Modal Logic Formalization of Role-Based Access Control with Object Classes
FORTE '07 Proceedings of the 27th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Access Control for XML Document
IEA/AIE '08 Proceedings of the 21st international conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems: New Frontiers in Applied Artificial Intelligence
Security and privacy for geospatial data: concepts and research directions
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
The Halting Problem and Undecidability of Document Generation under Access Control for Tree Updates
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
A Knowledge Based Formal Language for Securing Information Systems
KES '09 Proceedings of the 13th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems: Part I
Formalization of RBAC policy with object class hierarchy
ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
A logic for state-modifying authorization policies
ACM Transactions on Information and System Security (TISSEC)
Using ASP for knowledge management with user authorization
Data & Knowledge Engineering
Information and Computation
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
A logic program solution for conflict authorizations
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Authrule: a generic rule-based authorization module
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
An OWL-Based approach for RBAC with negative authorization
KSEM'06 Proceedings of the First international conference on Knowledge Science, Engineering and Management
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
A new approach for conflict resolution of authorization
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Securing data accountability in decentralized systems
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Representation and reasoning on RBAC: a description logic approach
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Representation and reasoning on role-based access control policies with conceptual graphs
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
Modeling and inferring on role-based access control policies using data dependencies
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Formal specification and validation of security policies
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
TBA: a hybrid of logic and extensional access control systems
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
A logic for state-modifying authorization policies
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
The need for application-aware access control evaluation
Proceedings of the 2012 workshop on New security paradigms
Automated analysis of rule-based access control policies
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
DEAL: A Distributed Authorization Language for Ambient Intelligence
International Journal of Ambient Computing and Intelligence
CA-ABAC: Class Algebra Attribute-Based Access Control
WI-IAT '12 Proceedings of the The 2012 IEEE/WIC/ACM International Joint Conferences on Web Intelligence and Intelligent Agent Technology - Volume 03
A modal logic for information system security
AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116
On the suitability of dissemination-centric access control systems for group-centric sharing
Proceedings of the 4th ACM conference on Data and application security and privacy
Extensible policy framework for heterogeneous network environments
International Journal of Information and Computer Security
Hi-index | 0.00 |
The increased awareness of the importance of data protection has made access control a relevant component of current data management systems. Moreover, emerging applications and data models call for flexible and expressive access control models. This has led to an extensive research activity that has resulted in the definition of a variety of access control models that differ greatly with respect to the access control policies they support. Thus, the need arises for developing tools for reasoning about the characteristics of these models. These tools should support users in the tasks of model specification, analysis of model properties, and authorization management. For example, they must be able to identify inconsistencies in the model specification and must support the administrator in comparing the expressive power of different models. In this paper, we make a first step in this direction by proposing a formal framework for reasoning about access control models. The framework we propose is based on a logical formalism and is general enough to model discretionary, mandatory, and role-based access control models. Each instance of the proposed framework corresponds to a C-Datalog program, interpreted according to a stable model semantics. In the paper, besides giving the syntax and the formal semantics of our framework, we show some examples of its application. Additionally, we present a number of dimensions along which access control models can be analyzed and compared. For each dimension, we show decidability results and we present some examples of its application.