Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
The Imposition of Protocols Over Open Distributed Systems
IEEE Transactions on Software Engineering
The process group approach to reliable distributed computing
Communications of the ACM
Internet Privacy Enhanced Mail
Communications of the ACM - Special issue on internetworking
Distributed operating systems
Proceedings of the 4th ACM conference on Computer and communications security
Lattice-Based Access Control Models
Computer
Regulated Coordination in Open Distributed Systems
COORDINATION '97 Proceedings of the Second International Conference on Coordination Languages and Models
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
StarOS, a multiprocessor operating system for the support of task forces
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Building reconfiguration primitives into the law of a system
ICCDS '96 Proceedings of the 3rd International Conference on Configurable Distributed Systems
The design and implementation of a secure auction service
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A security policy model for clinical information systems
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Tolerating exceptions in workflows: a unified framework for data and processes
WACC '99 Proceedings of the international joint conference on Work activities coordination and collaboration
Flexible control of downloaded executable content
ACM Transactions on Information and System Security (TISSEC)
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Access control in configurable systems
Secure Internet programming
A Uniform Model for Authorization and Access Control in Enterprise Information Platform
EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Law-Governed Internet Communities
COORDINATION '00 Proceedings of the 4th International Conference on Coordination Languages and Models
Coordination and Access Control in Open Distributed Agent Systems: The TuCSoN Approach
COORDINATION '00 Proceedings of the 4th International Conference on Coordination Languages and Models
A Policy Language for the Management of Distributed Agents
AOSE '01 Revised Papers and Invited Contributions from the Second International Workshop on Agent-Oriented Software Engineering II
The Specification and Enforcement of Advanced Security Policies
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Decentralized Peer-to-Peer Auctions
Electronic Commerce Research
LISA '98 Proceedings of the 12th USENIX conference on System administration
A generic XACML based declarative authorization scheme for java
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
| Hi-index | 0.00 |
Modern distributed systems tend to be conglomerates of heterogeneous subsystems, which have been designed separately, by different people, with little, if any, knowledge of each other - and which may be governed by different security policies. A single software agent operating within such a system may find itself interacting with, or even belonging to, several subsystems, and thus be subject to several disparate policies. If every such policy is expressed by means of a different formalism and enforced with a different mechanism, the situation can get easily out of hand. To deal with this problem we propose in this paper a security mechanism that can support efficiently, and in a unified manner, a wide range of security models and policies, including: conventional discretionary models that use capabilities or access-control lists, mandatory lattice-based access control models, and the more sophisticated models and policies required for commercial applications. Moreover, under the proposed mechanism, a single agent may be involved in several different modes of interactions that are subject to disparate security policies.