A framework for distributed authorization
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Managing security policies in a distributed environment using eXtensible markup language (XML)
Proceedings of the 2001 ACM symposium on Applied computing
An authorization model for temporal and derived data: securing information portals
ACM Transactions on Information and System Security (TISSEC)
Providing Fine-grained Access Control for Java Programs
ECOOP '99 Proceedings of the 13th European Conference on Object-Oriented Programming
On transformation of authorization policies
Data & Knowledge Engineering
An Authorization Model for Geospatial Data
IEEE Transactions on Dependable and Secure Computing
Access Control for XML Document
IEA/AIE '08 Proceedings of the 21st international conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems: New Frontiers in Applied Artificial Intelligence
Flexible Resolution of Authorisation Conflicts in Distributed Systems
DSOM '08 Proceedings of the 19th IFIP/IEEE international workshop on Distributed Systems: Operations and Management: Managing Large-Scale Service Deployment
Reasoning on Weighted Delegatable Authorizations
DEXA '09 Proceedings of the 20th International Conference on Database and Expert Systems Applications
Distributed and Parallel Databases
Using ASP for knowledge management with user authorization
Data & Knowledge Engineering
A dynamic security framework for ambient intelligent systems: a smart-home based eHealth application
Transactions on computational science X
Applying a usage control model in an operating system kernel
Journal of Network and Computer Applications
Integration of graph based authorization policies
ISMIS'06 Proceedings of the 16th international conference on Foundations of Intelligent Systems
Analysis and run-time verification of dynamic security policies
DAMAS'05 Proceedings of the 2005 international conference on Defence Applications of Multi-Agent Systems
A new approach for conflict resolution of authorization
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Security policy enforcement through refinement process
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
| Hi-index | 0.00 |
In most systems, authorization is specified using some low-level system-specific mechanisms,e.g. protection bits, capabilities and access control lists. We argue that authorization is an independent semantic concept that must be separated from implementation mechanismsand given a precise semantics. We propose a logical approach to representing and evaluating authorization. Specifically, we introduce a language for specifying policy bases. A policy base encodes a set of authorization requirements and is given a precise semantics based upon a formal notion of authorization policy. The semantics is computable, thus providing a basis for authorization evaluation. We also introduce two composition operators for policy bases, which are appropriate for modeling distributed systems with multiple administrative domains.