Role-Based Access Control Models
Computer
Coyote: a system for constructing fine-grain configurable communication services
ACM Transactions on Computer Systems (TOCS)
ACM Transactions on Information and System Security (TISSEC)
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Lattice-Based Access Control Models
Computer
Implementing Remote procedure calls
SOSP '83 Proceedings of the ninth ACM symposium on Operating systems principles
Methods and Limitations of Security Policy Reconciliation
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Policy management in secure group communication
Policy management in secure group communication
Antigone: a flexible framework for secure group communication
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Implementing access control to people location information
Proceedings of the ninth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Context-Based Access Control for Ubiquitous Service Provisioning
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Access control to people location information
ACM Transactions on Information and System Security (TISSEC)
ACM Transactions on Computer-Human Interaction (TOCHI)
Lightweight cnsistency enforcement schemes for distributed proofs with hidden subtrees
Proceedings of the 12th ACM symposium on Access control models and technologies
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Context-aware role-based access control in pervasive computing systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Analyzing websites for user-visible security design flaws
Proceedings of the 4th symposium on Usable privacy and security
Semantic context aware security policy deployment
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Context-Based Constraints in Security: Motivations and First Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
A trusted decentralized access control framework for the client/server architecture
Journal of Network and Computer Applications
Utilizing Semantic Knowledge for Access Control in Pervasive and Ubiquitous Systems
Mobile Networks and Applications
Security in practice - security-usability chasm
ICISS'07 Proceedings of the 3rd international conference on Information systems security
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
A universal access control method based on host identifiers for Future Internet
Computers & Mathematics with Applications
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
Proactive defense of insider threats through authorization management
Proceedings of 2011 international workshop on Ubiquitous affective awareness and intelligent interaction
Context-Aware provisional access control
ICISS'06 Proceedings of the Second international conference on Information Systems Security
The case for cloud-enabled mobile sensing services
Proceedings of the first edition of the MCC workshop on Mobile cloud computing
| Hi-index | 0.00 |
Authorization policy infrastructures are evolving with the complex environments that they support. However, the requirements and technologies supporting context are not yet well understood. Often implemented as condition functions or predefined attributes, context is used to more precisely control when and how policy is enforced. This paper considers context requirements and services in authorization policy. The properties and security requirements of context evaluation are classified. A key observation gleaned from this classification is the degree to which context functions share common properties. The Antigone Condition Framework (ACF) exploits these commonalities to provide a general purpose condition service and associated API. The prototype ACF design is presented and illustrated, and directions for future work considered.