Database security
Role-Based Access Control Models
Computer
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Synthesising verified access control systems in XACML
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Reasoning about XACML policies using CSP
Proceedings of the 2005 workshop on Secure web services
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
On classifying access control implementations for distributed systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Synthesising verified access control systems through model checking
Journal of Computer Security
A rewriting framework for the composition of access control policies
Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming
Patterns and Pattern Diagrams for Access Control
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Validating Access Control Configurations in J2EE Applications
CBSE '08 Proceedings of the 11th International Symposium on Component-Based Software Engineering
An access control framework for reflective middleware
Journal of Computer Science and Technology
XML-based access control languages
Information Security Tech. Report
Term rewriting for access control
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
The architecture of a privacy-aware access control decision component
CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Hiding data and structure in workflow provenance
DNIS'11 Proceedings of the 7th international conference on Databases in Networked Information Systems
Survey: Usage control in computer security: A survey
Computer Science Review
Hi-index | 0.00 |
Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The variety and complexity of the protection requirements that may need to be imposed makes access control a far from trivial process. Expressiveness and flexibility are top requisites for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main desiderata for access control systems and illustrate the main characteristics of access control solutions in some of the most popular existing systems.