English
Related papers

Related papers: Towards A Generic Formal Framework for Access Cont…

200 papers

Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex…

Cryptography and Security · Computer Science 2011-11-28 Jason Crampton , Charles Morisset

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,…

Software Engineering · Computer Science 2017-01-02 Andrea Margheri , Massimiliano Masi , Rosario Pugliese , Francesco Tiezzi

The evolving smart and interconnected systems are designed to operate with minimal human intervention. Devices within these smart systems often engage in prolonged operations based on sensor data and contextual factors. Recently, an…

Cryptography and Security · Computer Science 2024-03-18 Tanjila Mawla , Maanak Gupta , Ravi Sandhu

Currently, eXtensible Access Control Markup Language (XACML) has becoming the standard for implementing access control policies and consequently more attention is dedicated to testing the correctness of XACML policies. In particular,…

Software Engineering · Computer Science 2018-09-11 Francesca Lonetti , Eda Marchetti

The increasing use of graph-structured data for business- and privacy-critical applications requires sophisticated, flexible and fine-grained authorization and access control. Currently, role-based access control is supported in graph…

Cryptography and Security · Computer Science 2023-06-23 Aya Mohamed , Dagmar Auer , Daniel Hofer , Josef Küng

To date, most work regarding the formal analysis of access control schemes has focused on quantifying and comparing the expressive power of a set of schemes. Although expressive power is important, it is a property that exists in an…

Cryptography and Security · Computer Science 2013-02-06 William C. Garrison , Adam J. Lee , Timothy L. Hinrichs

Recently, XACML is a popular access control policy language that is used widely in many applications. Policies in XACML are built based on many components over distributed resources. Due to the expressiveness of XACML, it is not trivial for…

Cryptography and Security · Computer Science 2015-03-11 Carroline Dewi Puspa Kencana Ramli

We study the international standard XACML 3.0 for describing security access control policy in a compositional way. Our main contribution is to derive a logic that precisely captures the idea behind the standard and to formally define the…

Cryptography and Security · Computer Science 2011-10-18 Carroline Dewi Puspa Kencana Ramli , Hanne Riis Nielson , Flemming Nielson

Today's business organizations need access control systems that can handle complex, changing security requirements that go beyond what traditional methods can manage. Current approaches, such as Role-Based Access Control (RBAC),…

Cryptography and Security · Computer Science 2026-02-17 Sharif Noor Zisad , Ragib Hasan

Authorization and access control play an essential role in protecting sensitive information from malicious users. The system is based on security policies to determine if an access request is allowed. However, of late, the growing…

Cryptography and Security · Computer Science 2020-05-15 Tran Khanh Dang , Xuan Son Ha , Luong Khiem Tran

In the context of XACML-based access control systems, an intensive testing activity is among the most adopted means to assure that sensible information or resources are correctly accessed. Unfortunately, it requires a huge effort for manual…

Software Engineering · Computer Science 2018-09-11 Antonia Bertolino , Said Daoudagh , Francesca Lonetti , Eda Marchetti

To design a discretionary access control policy, a technique is proposed that uses the principle of analogies and is based on both the properties of objects and the properties of subjects. As attributes characterizing these properties, the…

Cryptography and Security · Computer Science 2019-05-22 S. V. Belim , N. F. Bogachenko , A. N. Kabanov

Over the years, access control systems have become increasingly more complex, often causing a disconnect between what is envisaged by the stakeholders in decision-making positions and the actual permissions granted as evidenced from access…

Cryptography and Security · Computer Science 2026-03-17 Gautam Kumar , Ravi Sundaram , Shamik Sural

The study of canonically complete attribute-based access control (ABAC) languages is relatively new. A canonically complete language is useful as it is functionally complete and provides a "normal form" for policies. However, previous work…

Cryptography and Security · Computer Science 2017-02-15 Jason Crampton , Conrad Williams

We present a systematic technique for transforming XACML 3.0 policies in Answer Set Programming (ASP). We show that the resulting logic program has a unique answer set that directly corresponds to our formalisation of the standard semantics…

Information Theory · Computer Science 2015-03-11 Carroline Dewi Puspa Kencana Ramli , Hanne Riis Nielson , Flemming Nielson

Along with the classical problem of managing multiple identities, actions, devices, APIs etc. in different businesses, there has been an escalating need for having the capability of flexible attribute based access control~(ABAC) mechanisms.…

Cryptography and Security · Computer Science 2018-04-18 Baiyu Liu , Abhinav Palia , Shan-Ho Yang

Role-Based Access Control (RBAC) is a popular authorization model used to manage data-access constraints in a wide range of systems. RBAC usually defines the static view on the access rights. However, to ensure dependability of a system, it…

Software Engineering · Computer Science 2018-05-16 Inna Vistbakka , Elena Troubitsyna

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…

Cryptography and Security · Computer Science 2017-06-13 Peter Amthor

Attribute-Based Access Control (ABAC) enables highly expressive and flexible access decisions by considering a wide range of contextual attributes. ABAC policies use logical expressions that combine these attributes, allowing for precise…

Cryptography and Security · Computer Science 2025-05-06 Thang Bui , Elliot Shabram , Anthony Matricia

Cloud compute systems allow administrators to write access control policies that govern access to private data. While policies are written in convenient languages, such as AWS Identity and Access Management Policy Language, manually written…

Software Engineering · Computer Science 2025-03-17 Adarsh Vatsa , Pratyush Patel , William Eiers
‹ Prev 1 2 3 10 Next ›