Specification of management policies and discretionary access control
Network and distributed systems management
Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role based access control with the security administration manager (SAM)
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
How to do discretionary access control using roles
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Engineering authority and trust in cyberspace: the OM-AM and RBAC way
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Access control mechanisms for inter-organizational workflow
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Access Control and Trust in the Use of Widely Distributed Services
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A Formal Model for Role-Based Access Control with Constraints
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Toward open, secure, widely distributed services
Communications of the ACM - Adaptive middleware
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Access control and trust in the use of widely distributed services
Software—Practice & Experience - Special issue: Middleware
Policy Storage for Role-Based Access Control Systems
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Policy-enabled mechanisms for feature interactions: reality, expectations, challenges
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Directions in feature interaction research
A case study of separation of duty properties in the context of the Austrian "eLaw" process.
Proceedings of the 2005 ACM symposium on Applied computing
Policies and conflicts in call control
Computer Networks: The International Journal of Computer and Telecommunications Networking
lightweight decentralized authorization model for inter-domain collaborations
Proceedings of the 2007 ACM workshop on Secure web services
Knowledge sharing in virtual enterprises via an ontology-based access control approach
Computers in Industry
Synthesising verified access control systems through model checking
Journal of Computer Security
Towards an Approach of Semantic Access Control for Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
The regularity principle of self-management
Proceedings of the second international workshop on Self-organizing architectures
Hi-index | 0.00 |
In this paper meta-policies for access control policiesare presented. There has been a lot of research into the variousways of specifying policy for a single domain. Suchdomains are autonomous and can be managed by the usersor by a specific system administrator. It is often helpful tohave a more general policy description in order to restrictthe ways in which policy can be modified. Meta-policies fillthis particular role. With their help changes to policy canbe made subject to predefined constraints. Meta-policiesare long lived and so can provide users with stable informationabout the policy of the system. In addition theycan provide bodies external to a domain with relevant butrestricted information about its policies, so forming a basisfor co-operation between domains. For example, a domain'smeta-policy can function as a policy interface, thusestablishing a basis for agreement on the structure of theobjects accessed. In this way it is possible to build servicelevel agreements between domains automatically.