The modeling and representation of security semantics for database applications
The modeling and representation of security semantics for database applications
A lattice model of secure information flow
Communications of the ACM
A note on the confinement problem
Communications of the ACM
ACM SIGOPS Operating Systems Review
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Towards a framework for integrating multilevel secure models and temporal data models
CIKM '94 Proceedings of the third international conference on Information and knowledge management
Role-Based Access Control Models
Computer
Authentication, access control, and audit
ACM Computing Surveys (CSUR)
Proceedings of the 4th ACM conference on Computer and communications security
Mandatory access control and role-based access control revisited
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Rationale for the RBAC96 family of access control models
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The multilevel relational (MLR) data model
ACM Transactions on Information and System Security (TISSEC)
The RSL99 language for role-based separation of duty constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
An access control model for simplifying constraint expression
Proceedings of the 7th ACM conference on Computer and communications security
Balancing cooperation and risk in intrusion detection
ACM Transactions on Information and System Security (TISSEC)
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Security models for web-based applications
Communications of the ACM
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Cost profile of a highly assured, secure operating system
ACM Transactions on Information and System Security (TISSEC)
A nested transaction model for multilevel secure database management systems
ACM Transactions on Information and System Security (TISSEC)
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Role-based access control and the access control matrix
ACM SIGOPS Operating Systems Review
An access control language for web services
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Towards usage control models: beyond traditional access control
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Information flow analysis of an RBAC system
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Security Control for COTS Components
Computer
A Trusted Subject Architecture for Multilevel Secure Object-Oriented Databases
IEEE Transactions on Knowledge and Data Engineering
The Policy Machine for Security Policy Management
ICCS '01 Proceedings of the International Conference on Computational Science-Part II
An Analysis of Access Control Models
ACISP '99 Proceedings of the 4th Australasian Conference on Information Security and Privacy
A Knowledge-Based Approach to Internet Authorizations
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Conflict Detection and Resolution in Access Control Policy Specifications
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Modelling Security Policies in Hypermedia and Web-Based Applications
Web Engineering, Software Engineering and Web Application Development
Information Flow Control among Objects in Role-Based Access Control Model
DEXA '01 Proceedings of the 12th International Conference on Database and Expert Systems Applications
Foundations for a Graph-Based Approach to the Specification of Access Control Policies
FoSSaCS '01 Proceedings of the 4th International Conference on Foundations of Software Science and Computation Structures
Hierarchical data security in a query-by-example interface for a shared database
Journal of Biomedical Informatics
Verified formal security models for multiapplicative smart cards
Journal of Computer Security - Special issue on ESORICS 2000
On context in authorization policy
Proceedings of the eighth ACM symposium on Access control models and technologies
A theorem on grid access control
Journal of Computer Science and Technology - Grid computing
Role-based authorization in decentralized health care environments
Proceedings of the 2003 ACM symposium on Applied computing
A bitmap-based access control for restricted views of XML documents
Proceedings of the 2003 ACM workshop on XML security
Access control in semantic grid
Future Generation Computer Systems - Special issue: Semantic grid and knowledge grid: the next-generation web
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
On the benefits of decomposing policy engines into components
ARM '04 Proceedings of the 3rd workshop on Adaptive and reflective middleware
Lessons learned using alloy to formally specify MLS-PCA trusted security architecture
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Providing flexible access control to an information flow control model
Journal of Systems and Software
Organization structure based access control model
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
An agent-based inter-application information flow control model
Journal of Systems and Software - Special issue: Software engineering education and training
Towards a unifying view on security contracts
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
Modelling hypermedia and web applications: the Ariadne development method
Information Systems
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Application security support in the operating system kernel
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Multi-site cooperative data stream analysis
ACM SIGOPS Operating Systems Review
An effective role administration model using organization structure
ACM Transactions on Information and System Security (TISSEC)
Securing sensitive content in a view-only file system
Proceedings of the ACM workshop on Digital rights management
NETRA:: seeing through access control
Proceedings of the fourth ACM workshop on Formal methods in security
A review of information security issues and respective research contributions
ACM SIGMIS Database
SecureBus: towards application-transparent trusted computing with mandatory access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Enforcing provisioning and authorization policy in the Antigone system
Journal of Computer Security
Managing the risk of covert information flows in virtual machine systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Unified support for heterogeneous security policies in distributed systems
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Providing policy control over object operations in a mach based system
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Access control models and security labelling
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Toward a Usage-Based Security Framework for Collaborative Computing Systems
ACM Transactions on Information and System Security (TISSEC)
A dynamic key management solution to access hierarchy
International Journal of Network Management
Concurrency control based on role concept
International Journal of High Performance Computing and Networking
Document access control in organisational workflows
International Journal of Information and Computer Security
Model-based behavioral attestation
Proceedings of the 13th ACM symposium on Access control models and technologies
Security types for dynamic web data
Theoretical Computer Science
Role management in adhoc networks
SpringSim '07 Proceedings of the 2007 spring simulaiton multiconference - Volume 1
Preventing Illegal Information Flow Based on Role-Based Access Control Model
NBiS '08 Proceedings of the 2nd international conference on Network-Based Information Systems
A Context-Aware Mandatory Access Control Model for Multilevel Security Environments
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Stale-safe security properties for group-based secure information sharing
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Preventing conflict situations during authorization
WSEAS Transactions on Computers
CLASP: collaborating, autonomous stream processing systems
Proceedings of the ACM/IFIP/USENIX 2007 International Conference on Middleware
Rewrite Based Specification of Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Access Control Management for SCADA Systems
IEICE - Transactions on Information and Systems
A purpose-based synchronisation protocol of multiple transactions in multi-agent systems
International Journal of Business Intelligence and Data Mining
Configuring storage-area networks using mandatory security
Journal of Computer Security
A legal information flow (LIF) scheduler based on role-based access control model
Computer Standards & Interfaces
Towards System Integrity Protection with Graph-Based Policy Analysis
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Security-enhanced OSGi service environments
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
On declassification and the non-disclosure policy
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Modelling hypermedia and web applications: the Ariadne Development Method
Information Systems
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Role-based scheduling and synchronization algorithms to prevent illegal information flow
NBiS'07 Proceedings of the 1st international conference on Network-based information systems
Security types for dynamic web data
TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
CLASP: collaborating, autonomous stream processing systems
MIDDLEWARE2007 Proceedings of the 8th ACM/IFIP/USENIX international conference on Middleware
Journal of Theoretical and Applied Electronic Commerce Research
Efficient inference control for open relational queries
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
DR@FT: efficient remote attestation framework for dynamic systems
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A security model of dynamic labeling providing a tiered approach to verification
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
A notation for policies using feature structures
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
A service-centric approach to a parameterized RBAC service
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Types for security in a mobile world
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
NEW2AN'11/ruSMART'11 Proceedings of the 11th international conference and 4th international conference on Smart spaces and next generation wired/wireless networking
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
Resolving information flow conflicts in RBAC systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Global transaction control with multilevel security environments
FSKD'06 Proceedings of the Third international conference on Fuzzy Systems and Knowledge Discovery
User-managed access control for health care systems
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
UCONLEGAL: a usage control model for HIPAA
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Automatic composition of secure workflows
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
Enforcing semantics-aware security in multimedia surveillance
Journal on Data Semantics II
OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II
On lattices in access control models
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
Role-based serializability for distributed object systems
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Towards a formal specification method for enterprise information system security
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Flow based interpretation of access control: detection of illegal information flows
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
ICISS'05 Proceedings of the First international conference on Information Systems Security
Redactable signatures for independent removal of structure and content
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
A role-based administration model for attributes
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
Context-awareness: exploring the imperative shared context of security and ubiquitous computing
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
A review of GENI authentication and access control mechanisms
International Journal of Security and Networks
Model-based, event-driven programming paradigm for interactive web applications
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
Proceedings of the 23rd international conference on World wide web
| Hi-index | 4.13 |
Lattice-based access control models were developed in the early 1970s to deal with the confidentiality of military information. In the late 1970s and early 1980s, researchers applied these models to certain integrity concerns. Later, application of the models to the Chinese Wall policy, a confidentiality policy unique to the commercial sector, was demonstrated. A balanced perspective on lattice-based access control models is provided. Information flow policies, the military lattice, access control models, the Bell-LaPadula model, the Biba model and duality, and the Chinese Wall lattice are reviewed. The limitations of the models are identified.