Related papers: Function-Based Access Control (FBAC): From Access …

Modern operating systems provide powerful mandatory access control mechanisms, yet they largely reason about who executes code rather than how execution originates. As a result, processes launched remotely, locally, or by background…

Access control is an issue of paramount importance in cyber-physical systems (CPS). In this paper, an access control scheme, namely FEAC, is presented for CPS. FEAC can not only provide the ability to control access to data in normal…

The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart…

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This…

Insider Threat is a significant and potentially dangerous security issue in corporate settings. It is difficult to mitigate because, unlike external threats, insiders have knowledge of an organization's access policies, access hierarchy,…

Basic role based access control [RBAC] provides a mechanism for segregating access privileges based upon a user's hierarchical roles within an organization. This model doesn't scale well when there is tight integration of multiple…

Federated computing (FC) enables collaborative computation such as machine learning, analytics, or data processing across distributed organizations keeping raw data local. Built on four architectural pillars, distributed data assets,…

Access control (AC) is the core of every architectural solution for information security. Indeed, no effective protection scheme can abstract from the careful design of access control policies, and infrastructures underlying modern…

A common trait of current access control approaches is the challenging need to engineer abstract and intuitive access control models. This entails designing access control information in the form of roles (RBAC), attributes (ABAC), or…

Real-world applications routinely make authorization decisions based on dynamic computation. Reasoning about dynamically computed authority is challenging. Integrity of the system might be compromised if attackers can improperly influence…

Role-Based Access Control (RBAC) is a popular authorization model used to manage data-access constraints in a wide range of systems. RBAC usually defines the static view on the access rights. However, to ensure dependability of a system, it…

Consent-Based Access Control (CBAC) is a foundational mechanism for enforcing patient autonomy in modern healthcare information systems. Many CBAC frameworks are built on the eXtensible Access Control Markup Language (XACML) and inherit its…

Current methods for data access control, especially regarding AI and AI automation, face unique challenges in ensuring appropriate data access. We introduce Integer-Based Access Control (IBAC), addressing the limitations of Role-Based…

Cloud Computing is a set of IT Services that are provided to a customer over a network and these services are delivered by third party provider who owns the infrastructure and reduce the burden at user's end. Nowadays researchers devoted…

This paper introduces language-based agent control (LBAC), a new programming model for agentic applications that brings techniques from programming languages and language-based security to the problem of agent control. In conventional…

The autonomy and contextual complexity of LLM-based agents render traditional access control (AC) mechanisms insufficient. Static, rule-based systems designed for predictable environments are fundamentally ill-equipped to manage the dynamic…

Broken Access Control (BAC) violations, which consistently rank among the top five security risks in the OWASP API Security Top 10, refer to unauthorized access attempts arising from BAC vulnerabilities, whose successful exploitation can…

Unauthorized access remains one of the critical security challenges in the realm of cybersecurity. With the increasing sophistication of attack techniques, the threat of unauthorized access is no longer confined to the conventional ones,…

Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management and ability to model organizational structure and their capability to reduce…

To design a discretionary access control policy, a technique is proposed that uses the principle of analogies and is based on both the properties of objects and the properties of subjects. As attributes characterizing these properties, the…