Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
Communications of the ACM
Developing Jini applications using J2ME technology
Developing Jini applications using J2ME technology
Proxy-based security protocols in networked mobile devices
Proceedings of the 2002 ACM symposium on Applied computing
Capability-Based Computer Systems
Capability-Based Computer Systems
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
Fast Software Encryption, Cambridge Security Workshop
Protection Reconfiguration for Reusable Software
CSMR '98 Proceedings of the 2nd Euromicro Conference on Software Maintenance and Reengineering ( CSMR'98)
Process Algebra and Non-interference
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Security Framework Supporting Domain Based Access Control in Distributed Systems
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
ICDCS '96 Proceedings of the 16th International Conference on Distributed Computing Systems (ICDCS '96)
Certificate-based access control for widely distributed resources
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Dynamic event-based access control as term rewriting
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
A dynamic security framework for ambient intelligent systems: a smart-home based eHealth application
Transactions on computational science X
Term rewriting for access control
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
| Hi-index | 0.00 |
Various security models have been proposed for different types of applications and numerous types of execution environments. These models are typically reinforced by adding code to the application, which authenticates principals, authorises operations and establishes secure communication among distributed software components (e.g., clients and servers). This code is often application and context-specific, which makes it difficult to integrate an application with other each other.In this paper we propose a new unified access control mechanism that supports most of the existing security models and offers a number of additional controls that are not normally provided by security mechanisms. Moreover, the proposed mechanism integrates well with existing programming paradigms for distributed application, e.g., client/server technology and component based programming. This means that it can be seamlessly integrated with most existing distributed applications. We have implemented the proposed mechanism in a framework, that can be instantiated to implement different security models and policies. We present a qualitative evaluation that demonstrates the framework's ability to support a wide range of security policies and a preliminary performance evaluation of the framework.