English
Related papers

Related papers: Static Enforceability of XPath-Based Access Contro…

200 papers

Growing privacy regulations and internal governance mandates are driving demand for fine-grained, context-sensitive access control in data management systems. Among competing approaches, content-based access control -- where access…

Databases · Computer Science 2026-04-20 Ahana Pradhan , Srinivas Karthik , Imtiyazuddin Shaik , Srinivas Vivek

The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are…

Logic in Computer Science · Computer Science 2012-06-15 Michele Barletta , Silvio Ranise , Luca Viganò

Stochastic policies (also known as relaxed controls) are widely used in continuous-time reinforcement learning algorithms. However, executing a stochastic policy and evaluating its performance in a continuous-time environment remain open…

Machine Learning · Computer Science 2025-10-03 Yanwei Jia , Du Ouyang , Yufei Zhang

Recently, XACML is a popular access control policy language that is used widely in many applications. Policies in XACML are built based on many components over distributed resources. Due to the expressiveness of XACML, it is not trivial for…

Cryptography and Security · Computer Science 2015-03-11 Carroline Dewi Puspa Kencana Ramli

The stack-based access control mechanism plays a fundamental role in the security architecture of Java and Microsoft CLR (common language runtime). It is enforced at runtime by inspecting methods in the current call stack for granted…

Cryptography and Security · Computer Science 2013-10-15 Xin Li , Hua Vy Le Thanh

There is considerable amount of sensitive XML data stored in relational databases. It is a challenge to enforce node level fine-grained authorization policies for XML data stored in relational databases which typically support table and…

Databases · Computer Science 2019-09-25 Ali Alwehaibi , Mustafa Atay

This paper presents a novel static analysis technique to detect XML query-update independence, in the presence of a schema. Rather than types, our system infers chains of types. Each chain represents a path that can be traversed on a valid…

Databases · Computer Science 2012-05-31 Nicole Bidoit-Tollu , Dario Colazzo , Federico Ulliana

Distributed implementations of access control abound in distributed storage protocols. While such implementations are often accompanied by informal justifications of their correctness, our formal analysis reveals that their correctness can…

Cryptography and Security · Computer Science 2008-06-02 Avik Chaudhuri

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,…

Software Engineering · Computer Science 2017-01-02 Andrea Margheri , Massimiliano Masi , Rosario Pugliese , Francesco Tiezzi

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…

Cryptography and Security · Computer Science 2017-06-13 Peter Amthor

Database-backed applications rely on inlined policy checks to process users' private and confidential data in a policy-compliant manner as traditional database access control mechanisms cannot enforce complex policies. However, application…

Cryptography and Security · Computer Science 2020-03-17 Abhishek Bichhawat , Matt Fredrikson , Jean Yang , Akash Trehan

Reinforcement learning is a framework for interactive decision-making with incentives sequentially revealed across time without a system dynamics model. Due to its scaling to continuous spaces, we focus on policy search where one…

Machine Learning · Computer Science 2023-01-04 Amrit Singh Bedi , Anjaly Parayil , Junyu Zhang , Mengdi Wang , Alec Koppel

AI agents -- systems that plan, reason, and act using large language models -- produce non-deterministic, path-dependent behavior that cannot be fully governed at design time, where with governed we mean striking the right balance between…

Artificial Intelligence · Computer Science 2026-03-18 Maurits Kaptein , Vassilis-Javed Khan , Andriy Podstavnychy

Autonomous agents are moving beyond simple retrieval tasks to become economic actors that invoke APIs, sequence workflows, and make real-time decisions. As this shift accelerates, API providers need request-level monetization with…

Cryptography and Security · Computer Science 2026-04-03 Mohd Safwan Uddin , Mohammed Mouzam , Mohammed Imran , Syed Badar Uddin Faizan

Current proprietary and open-source serverless platforms follow opinionated, hardcoded scheduling policies to deploy the functions to be executed over the available workers. Such policies may decrease the performance and the security of the…

Programming Languages · Computer Science 2023-11-01 Giuseppe De Palma , Saverio Giallorenzo , Cosimo Laneve , Jacopo Mauro , Matteo Trentin , Gianluigi Zavattaro

There have been many proposals for access control models and authorization policy languages, which are used to inform the design of access control systems. Most, if not all, of these proposals impose restrictions on the implementation of…

Cryptography and Security · Computer Science 2014-08-01 Jason Crampton , Charles Morisset

We introduce the framework of performative control, where the policy chosen by the controller affects the underlying dynamics of the control system. This results in a sequence of policy-dependent system state data with policy-dependent…

Optimization and Control · Mathematics 2024-10-31 Songfu Cai , Fei Han , Xuanyu Cao

We develop a modeling technique based on interpreted systems in order to verify temporal-epistemic properties over access control policies. This approach enables us to detect information flow vulnerabilities in dynamic policies by verifying…

Logic in Computer Science · Computer Science 2014-01-21 Masoud Koleini , Eike Ritter , Mark Ryan

Attribute-based access control (ABAC) promises a powerful way of formalizing access policies in support of a wide range of access management scenarios. Efficient implementation of ABAC in its general form is still a challenge, especially…

Cryptography and Security · Computer Science 2019-09-24 Hadi Ahmadi , Derek Small

The paper studies dynamic information flow security policies in an automaton-based model. Two semantic interpretations of such policies are developed, both of which generalize the notion of TA-security [van der Meyden ESORICS 2007] for…

Cryptography and Security · Computer Science 2016-01-21 Sebastian Eggert , Ron van der Meyden