Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
An agreement centric access control mechanism for business to business e-commerce
Proceedings of the 2002 ACM symposium on Applied computing
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
E-Commerce Trust Metrics and Models
IEEE Internet Computing
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Scalable Regulation of Inter-enterprise Electronic Commerce
WELCOM '01 Proceedings of the Second International Workshop on Electronic Commerce
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
Provisions and Obligations in Policy Rule Management
Journal of Network and Systems Management
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
Decentralized Peer-to-Peer Auctions
Electronic Commerce Research
Using certified policies to regulate E-commerce transactions
ACM Transactions on Internet Technology (TOIT)
Hi-index | 0.00 |
We introduce a framework for access/action control which shifts the emphasis from the participants to their relationships. The framework is based on a communication model in which participants negotiate the mutually agreed-upon boundary conditions of their relationships, and create social reference points by encapsulating them in compact "communication pacts," called "commpacts." Commpacts are designed to provide a language enabling a social mechanism of coordinated expectation. We argue that in networked environments characterized by multiple authorities and "trusted proxies," this model can deal with the complexities of general (user- and content-dependent) distributed access/action control and provides a clear user-conceptual metaphor. The frame work embeds naturally into the existing legal and institutional infrastructure; it generalizes work in electronic contracting. Commpacts can be seen as a third fundamental type next to access-control lists (ACLs) and capabilities.