On the declarative semantics of deductive databases and logic programs
Foundations of deductive databases and logic programming
A behavioral notion of subtyping
ACM Transactions on Programming Languages and Systems (TOPLAS)
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
AAAI '99/IAAI '99 Proceedings of the sixteenth national conference on Artificial intelligence and the eleventh Innovative applications of artificial intelligence conference innovative applications of artificial intelligence
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
The Science of Programming
Solving multi-granularity temporal constraint networks
Artificial Intelligence
Proceedings of the International Workshop on Policies for Distributed Systems and Networks
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
On Maintaining Priorities in a Production Rule System
VLDB '91 Proceedings of the 17th International Conference on Very Large Data Bases
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Obligation Monitoring in Policy Management
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Language for Information Commerce Processes
WECWIS '01 Proceedings of the Third International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS '01)
Provisions and Obligations in Policy Rule Management
Journal of Network and Systems Management
Trust-serv: model-driven lifecycle management of trust negotiation policies for web services
Proceedings of the 13th international conference on World Wide Web
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Model-Driven Trust Negotiation for Web Services
IEEE Internet Computing
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Access control policies and languages
International Journal of Computational Science and Engineering
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Access Control for XML Document
IEA/AIE '08 Proceedings of the 21st international conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems: New Frontiers in Applied Artificial Intelligence
Regulating Exceptions in Healthcare Using Policy Spaces
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Towards the development of privacy-aware systems
Information and Software Technology
Requirements-based Access Control Analysis and Policy Specification (ReCAPS)
Information and Software Technology
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
A privacy policy conflict detection method for multi-owner privacy data protection
Electronic Commerce Research
Using special use cases for security in the software development life cycle
WISA'10 Proceedings of the 11th international conference on Information security applications
Rumpole: a flexible break-glass access control model
Proceedings of the 16th ACM symposium on Access control models and technologies
Enhancing user privacy through data handling policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
On practical specification and enforcement of obligations
Proceedings of the second ACM conference on Data and Application Security and Privacy
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Towards privacy-enhanced authorization policies and languages
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
A flexible authorization framework for e-commerce
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
A data sharing agreement framework
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Context-Aware provisional access control
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Distributed policy specification and interpretation with classified advertisements
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Authorization in cross-border eHealth systems
Information Systems Frontiers
The specification and compilation of obligation policies for program monitoring
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations
International Journal of Mobile Computing and Multimedia Communications
| Hi-index | 0.00 |
Policies are widely used in many systems and applications. Recently, it has been recognized that a "yes/no" response to every scenario is just not enough for many modern systems and applications. Many policies require certain conditions to be satisfied and actions to be performed before or after a decision is made. To address this need, this paper introduces the notions of provisions and obligations. Provisions are those conditions that need to be satisfied or actions that must be performed before a decision is rendered, while obligations are those conditions or actions that must be fulfilled by either the users or the system after the decision. This paper formalizes a rule-based policy framework that includes provisions and obligations, and investigates a reasoning mechanism within this framework. A policy decision may be supported by more than one derivation, each associated with a potentially different set of provisions and obligations (called a global PO set). The reasoning mechanism can derive all the global PO sets for each specific policy decision, and facilitates the selection of the best one based on numerical weights assigned to provisions and obligations as well as on semantic relationships among them. The paper also shows the use of the proposed policy framework in a security application.