Trust-enhanced Security in Location-based Adaptive Authentication
Electronic Notes in Theoretical Computer Science (ENTCS)
Proceedings of the 1st international conference on Autonomic computing and communication systems
Privacy-Aware Collaborative Access Control in Web-Based Social Networks
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Policy Evolution in Distributed Usage Control
Electronic Notes in Theoretical Computer Science (ENTCS)
A modal deconstruction of access control logics
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
A formal implementation of value commitment
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Towards a theory of accountability and audit
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Reliable evidence: auditability by typing
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Benefits of Location-Based Access Control: A Literature Study
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
A formal framework for specifying and analyzing logs as electronic evidence
SBMF'10 Proceedings of the 13th Brazilian conference on Formal methods: foundations and applications
Usage control enforcement - a survey
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Purpose control: did you process the data for the intended purpose?
SDM'11 Proceedings of the 8th VLDB international conference on Secure data management
Policy auditing over incomplete logs: theory, implementation and applications
Proceedings of the 18th ACM conference on Computer and communications security
Understanding and protecting privacy: formal semantics and principled audit mechanisms
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
A proof-carrying file system with revocable and use-once certificates
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Enforcing Minimum Necessary Access in Healthcare Through Integrated Audit and Access Control
Proceedings of the International Conference on Bioinformatics, Computational Biology and Biomedical Informatics
Belief semantics of authorization logic
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
In this paper we introduce a new framework for controlling compliance to discretionary access control policies [Cederquist et al. in Proceedings of the International Workshop on Policies for Distributed Systems and Networks (POLICY), 2005; Corin et al. in Proceedings of the IFIP Workshop on Formal Aspects in Security and Trust (FAST), 2004]. The framework consists of a simple policy language, modeling ownership of data and administrative policies. Users can create documents, and authorize others to process the documents. To control compliance to the document policies, we define a formal audit procedure by which users may be audited and asked to justify that an action was in compliance with a policy. In this paper we focus on the implementation of our framework. We present a formal proof system, which was only informally described in earlier work. We derive an important tractability result (a cut-elimination theorem), and we use this result to implement a proof-finder, a key component in this framework. We argue that in a number of settings, such as collaborative work environments, where a small group of users create and manage document in a decentralized way, our framework is a more flexible approach for controlling the compliance to policies.