English
Related papers

Related papers: PTaCL: A Language for Attribute-Based Access Contr…

200 papers

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,…

Software Engineering · Computer Science 2017-01-02 Andrea Margheri , Massimiliano Masi , Rosario Pugliese , Francesco Tiezzi

There have been many proposals for access control models and authorization policy languages, which are used to inform the design of access control systems. Most, if not all, of these proposals impose restrictions on the implementation of…

Cryptography and Security · Computer Science 2014-08-01 Jason Crampton , Charles Morisset

Access control is an important component for web services such as a cloud. Current clouds tend to design the access control mechanism together with the policy language on their own. It leads to two issues: (i) a cloud user has to learn…

Cryptography and Security · Computer Science 2019-03-26 Yang Luo , Qingni Shen , Zhonghai Wu

This paper presents an empirical investigation into the capabilities of Large Language Models (LLMs) to perform automated Attribute-based Access Control (ABAC) policy mining. While ABAC provides fine-grained, context-aware access…

Cryptography and Security · Computer Science 2025-11-25 More Aayush Babasaheb , Shamik Sural

We propose in this paper the Security Policy Language (SePL), which is a formal language for capturing and integrating distributed security policies. The syntax of SePL includes several operators for the integration of policies and it is…

Cryptography and Security · Computer Science 2020-05-12 Mohamed Mejri , Hamdi Yahyaoui

Over the years, access control systems have become increasingly more complex, often causing a disconnect between what is envisaged by the stakeholders in decision-making positions and the actual permissions granted as evidenced from access…

Cryptography and Security · Computer Science 2026-03-17 Gautam Kumar , Ravi Sundaram , Shamik Sural

Recently, XACML is a popular access control policy language that is used widely in many applications. Policies in XACML are built based on many components over distributed resources. Due to the expressiveness of XACML, it is not trivial for…

Cryptography and Security · Computer Science 2015-03-11 Carroline Dewi Puspa Kencana Ramli

Cloud compute systems allow administrators to write access control policies that govern access to private data. While policies are written in convenient languages, such as AWS Identity and Access Management Policy Language, manually written…

Software Engineering · Computer Science 2025-03-17 Adarsh Vatsa , Pratyush Patel , William Eiers

The study of canonically complete attribute-based access control (ABAC) languages is relatively new. A canonically complete language is useful as it is functionally complete and provides a "normal form" for policies. However, previous work…

Cryptography and Security · Computer Science 2017-02-15 Jason Crampton , Conrad Williams

Attribute-based Access Control (ABAC) extends traditional Access Control by considering an access request as a set of pairs attribute name-value, making it particularly useful in the context of open and distributed systems, where security…

Cryptography and Security · Computer Science 2013-06-21 Andreas Griesmayer , Charles Morisset

Authentication, authorization, and trust verification are central parts of an access control system. The conditions for granting access in such a system are collected in access policies. Since access conditions are often complex, dedicated…

Cryptography and Security · Computer Science 2022-12-06 Stefan More , Sebastian Ramacher , Lukas Alber , Marco Herzl

Authorization and access control play an essential role in protecting sensitive information from malicious users. The system is based on security policies to determine if an access request is allowed. However, of late, the growing…

Cryptography and Security · Computer Science 2020-05-15 Tran Khanh Dang , Xuan Son Ha , Luong Khiem Tran

Cloud computing is ubiquitous, with a growing number of services being hosted on the cloud every day. Typical cloud compute systems allow administrators to write policies implementing access control rules which specify how access to private…

Software Engineering · Computer Science 2025-10-24 Adarsh Vatsa , Bethel Hall , William Eiers

We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the…

Cryptography and Security · Computer Science 2011-10-18 Carroline Dewi Puspa Kencana Ramli , Hanne Riis Nielson , Flemming Nielson

Traditional authorization policies are user-centric, in the sense that authorization is defined, ultimately, in terms of user identities. We believe that this user-centric approach is inappropriate for many applications, and that what…

Cryptography and Security · Computer Science 2014-06-20 Jason Crampton , James Sellwood

In recent years, Attribute-Based Access Control (ABAC) has become quite popular and effective for enforcing access control in dynamic and collaborative environments. Implementation of ABAC requires the creation of a set of attribute-based…

Cryptography and Security · Computer Science 2021-11-16 Varun Gumma , Barsha Mitra , Soumyadeep Dey , Pratik Shashikantbhai Patel , Sourabh Suman , Saptarshi Das

Role-based access control (RBAC) and hierarchical structures are foundational to how information flows and decisions are made within virtually all organizations. As the potential of Large Language Models (LLMs) to serve as unified knowledge…

Artificial Intelligence · Computer Science 2025-06-18 Debdeep Sanyal , Umakanta Maharana , Yash Sinha , Hong Ming Tan , Shirish Karande , Mohan Kankanhalli , Murari Mandal

AutomationML (AML) enables standardized data exchange in engineering, yet existing recommendations for proper AML modeling are typically formulated as informal and textual constraints. These constraints cannot be validated automatically…

Artificial Intelligence · Computer Science 2025-06-13 Tom Westermann , Aljosha Köcher , Felix Gehlhoff

With increasing emphasis on transparency in digital governance, users expect more than silence when their access requests are denied by a system. However, authorization methods are notorious for their inability to provide any form of…

Cryptography and Security · Computer Science 2026-04-15 Shanampudi Pranaya Chowdary , Shamik Sural

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi
‹ Prev 1 2 3 10 Next ›