Providing secure coordinated access to grid services
Proceedings of the 4th international workshop on Middleware for grid computing
Policy decomposition for collaborative access control
Proceedings of the 13th ACM symposium on Access control models and technologies
Model-based refinement of security policies in collaborative virtual organisations
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Deriving implementation-level policies for usage control enforcement
Proceedings of the second ACM conference on Data and Application Security and Privacy
Toward efficient and confidentiality-aware federation of access control policies
Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing
Model-Based usage control policy derivation
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
| Hi-index | 0.00 |
Modern dynamic distributed information systems need access control policies to address controlling access to multiple resources that are distributed. The resources may be considered as a single abstract hierarchical resource. An access control policy at a high level should be able to define who is allowed to use the resources. At lower levels, the policy will address controlling access to concrete resources. By modelling the resource hierarchy, it is possible that low level policies can be automatically produced from the high level policy. These low level policies can then be distributed to the concrete resources that use an existing policy based access control decision system so that the high level policy can be enforced throughout the system. In this paper a model for representing and refining high level policies is presented. Other relevant issues and examples for demonstrating the capability of the policy decomposition (refinement) process are also presented.