Proceedings of the ninth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
Safe data sharing and data dissemination on smart devices
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
A formal approach for testing security rules
Proceedings of the 12th ACM symposium on Access control models and technologies
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Dynamic access-control policies on XML encrypted data
ACM Transactions on Information and System Security (TISSEC)
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Weaving rewrite-based access control policies
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Role engineering: From design to evolution of security schemes
Journal of Systems and Software
Deploying access control in distributed workflow
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Specifying Intrusion Detection and Reaction Policies: An Application of Deontic Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
The CRUTIAL Architecture for Critical Information Infrastructures
Architecting Dependable Systems V
Analysis of a Redundant Architecture for Critical Infrastructure Protection
Architecting Dependable Systems V
BPEL4RBAC: An Authorisation Specification for WS-BPEL
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
BusiROLE: A Model for Integrating Business Roles into Identity Management
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A Model-Based Framework for Security Policy Specification, Deployment and Testing
MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
Modeling System Security Rules with Time Constraints Using Timed Extended Finite State Machines
DS-RT '08 Proceedings of the 2008 12th IEEE/ACM International Symposium on Distributed Simulation and Real-Time Applications
Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Supporting dynamic administration of RBAC in web-based collaborative applications during run-time
International Journal of Information and Computer Security
Semantic context aware security policy deployment
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
A Service Dependency Modeling Framework for Policy-Based Response Enforcement
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Reaction Policy Model Based on Dynamic Organizations and Threat Context
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Proceedings of the 2009 ACM workshop on Secure web services
A formal logic approach to firewall packet filtering analysis and generation
Artificial Intelligence Review
Security policies for the visualization of Geo Data
Proceedings of the 2nd SIGSPATIAL ACM GIS 2009 International Workshop on Security and Privacy in GIS and LBS
Policy-based intrusion detection in web applications by monitoring Java information flows
International Journal of Information and Computer Security
An ontology-based approach to react to network attacks
International Journal of Information and Computer Security
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
A formal framework for adaptive access control models
Journal on data semantics IX
Trust and privacy in attribute based access control for collaboration environments
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
Rule-based policy enforcement point for map services
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Enabling decentralised management through federation
Computer Networks: The International Journal of Computer and Telecommunications Networking
fQuery: SPARQL query rewriting to enforce data confidentiality
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Personal data anonymization for security and privacy in collaborative environments
CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
An agent and RBAC model to secure cooperative information systems
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Security mechanisms for geographic data
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Automatic conformance checking of role-based access control policies via alloy
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Rewriting of SPARQL/update queries for securing data access
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Using special use cases for security in the software development life cycle
WISA'10 Proceedings of the 11th international conference on Information security applications
MIRAGE: a management tool for the analysis and deployment of network security policies
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Protecting critical infrastructures while preserving each organization's autonomy
ICDCIT'11 Proceedings of the 7th international conference on Distributed computing and internet technology
Architecting and validating dependable systems: experiences and visions
Architecting dependable systems VII
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
An approach to modular and testable security models of real-world health-care applications
Proceedings of the 16th ACM symposium on Access control models and technologies
Challenges in model-based evolution and merging of access control policies
Proceedings of the 12th International Workshop on Principles of Software Evolution and the 7th annual ERCIM Workshop on Software Evolution
An auto-delegation mechanism for access control systems
STM'10 Proceedings of the 6th international conference on Security and trust management
Information and Software Technology
Formal analysis of usage control policies
Proceedings of the 4th international conference on Security of information and networks
Combining UML, ASTD and B for the formal specification of an access control filter
Innovations in Systems and Software Engineering
On Using B in the Design of Secure Micro-controllers: An Experience Report
Electronic Notes in Theoretical Computer Science (ENTCS)
A contextual multilevel access control model
International Journal of Internet Technology and Secured Transactions
CRUTIAL: the blueprint of a reference critical information infrastructure architecture
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Test generation for network security rules
TestCom'06 Proceedings of the 18th IFIP TC6/WG6.1 international conference on Testing of Communicating Systems
A dynamic access control model
Applied Intelligence
Formalising and validating RBAC-to-XACML translation using lightweight formal methods
ABZ'10 Proceedings of the Second international conference on Abstract State Machines, Alloy, B and Z
OS-DRAM: a delegation administration model in a decentralized enterprise environment
WAIM '06 Proceedings of the 7th international conference on Advances in Web-Age Information Management
A state/event temporal deontic logic
DEON'06 Proceedings of the 8th international conference on Deontic Logic and Artificial Normative Systems
FORBAC: a flexible organisation and role-based access control model for secure information systems
ADVIS'06 Proceedings of the 4th international conference on Advances in Information Systems
O2O: virtual private organizations to manage security policy interoperability
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Security policy enforcement through refinement process
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
Integration of security policy into system modeling
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
Dynamic security rules for geo data
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
ASRBAC: a security administration model for mobile autonomic networks (MAutoNets)
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Model-Driven security policy deployment: property oriented approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Refactoring access control policies for performance improvement
ICPE '12 Proceedings of the 3rd ACM/SPEC International Conference on Performance Engineering
A metamodel for the design of access-control policy enforcement managers: work in progress
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Specification and verification of access control policies in EB3SEC: work in progress
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Enforcing protection mechanisms for geographic data
W2GIS'12 Proceedings of the 11th international conference on Web and Wireless Geographical Information Systems
Adaptive access control enforcement in social network using aspect weaving
DASFAA'12 Proceedings of the 17th international conference on Database Systems for Advanced Applications
V2C: a secure vehicle to cloud framework for virtualized and on-demand service provisioning
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
N-ary tree based key distribution in a network as a service provisioning model
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
ROAC: a role-oriented access control model
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Challenges in ehealth: from enabling to enforcing privacy
FHIES'11 Proceedings of the First international conference on Foundations of Health Informatics Engineering and Systems
Modular access control via strategic rewriting
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
RABAC: role-centric attribute-based access control
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
A model-driven approach for the extraction of network access-control policies
Proceedings of the Workshop on Model-Driven Security
An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations
International Journal of Mobile Computing and Multimedia Communications
Enabling dynamic security policy in the java security manager
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
An access control framework for hybrid policies
Proceedings of the 6th International Conference on Security of Information and Networks
Formal methods for exchange policy specification
CAiSE'13 Proceedings of the 25th international conference on Advanced Information Systems Engineering
ICWE'13 Proceedings of the 13th international conference on Web Engineering
Designing flexible access control models for the cloud
Proceedings of the 6th International Conference on Security of Information and Networks
Fine-grained privacy control for the RFID middleware of EPCglobal networks
Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems
A privacy-aware access control model for distributed network monitoring
Computers and Electrical Engineering
Future Generation Computer Systems
Information and Software Technology
Federation Lifecycle Management Incorporating Coordination of Bio-inspired Self-management Processes
Journal of Network and Systems Management
Formal specification and management of security policies with collective group obligations
Journal of Computer Security
| Hi-index | 0.00 |
None of the classical access control models such asDAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rulesrelated to permissions, prohibitions, obligations andrecommendations. This is typically the case of security policies that apply to the health care domain. In this paper, we suggest a new model that providessolutions to specify such contextual security policies.This model, called Organization based access control,is presented using a formal language based on first-order logic.