Database security
Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
A logical framework for reasoning about access control models
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
COMPLEX: An Object-Oriented Logic Programming System
IEEE Transactions on Knowledge and Data Engineering
Protecting Deductive Databases from Unauthorized Retrievals
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Stepwise Refinement of Distributed Systems, Models, Formalisms, Correctness, REX Workshop
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
Flexible access control policy specification with constraint logic programming
ACM Transactions on Information and System Security (TISSEC)
On the role of roles: from role-based to role-sensitive access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Efficient and flexible access control via logic program specialisation
Proceedings of the 2004 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Feature interaction in policies
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Directions in feature interaction research
Policies and conflicts in call control
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient and flexible access control via Jones-optimal logic program specialisation
Higher-Order and Symbolic Computation
Host-Based Security Challenges and Controls: A Survey of Contemporary Research
Information Security Journal: A Global Perspective
Requirements of federated trust management for service-oriented architectures
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Analysis of virtual machine system policies
Proceedings of the 14th ACM symposium on Access control models and technologies
Logic-based detection of conflicts in APPEL policies
FSEN'07 Proceedings of the 2007 international conference on Fundamentals of software engineering
Context RBAC/MAC access control for ubiquitous environment
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
A logical specification and analysis for SELinux MLS policy
ACM Transactions on Information and System Security (TISSEC)
A framework towards enhancing trust and authorisation for e-commerce service
International Journal of Internet Technology and Secured Transactions
Security enhancement of smart phones for enterprises by applying mobile VPN technologies
ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part III
Term rewriting for access control
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Logic-based Conflict Detection for Distributed Policies
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
| Hi-index | 0.00 |
This paper describes the architecture and the core specificationlanguage of an extensible access control system,called MACS - Multipolicy Access Control System.Severalaccess control models are supported by the proposedsystem, including the mandatory model, a flexible discretionarymodel, and RBAC. In addition, by using the corespecification language, users can define their own accesscontrol models. The language is complemented by a numberof tools supporting users in the tasks of model specificationand analysis, and authorization management. Theproposed system is a multipolicy system in that it allows oneto apply different policies to different partitions of the set ofobjects to be protected. Therefore, different access controlpolicies can co-exist, thus enhancing the flexibility of thesystem.