English
Related papers

Related papers: Model Checking Access Control Policies: A Case Stu…

200 papers

The emergence of Large Language Models (LLMs) has significantly advanced solutions across various domains, from political science to software development. However, these models are constrained by their training data, which is static and…

Artificial Intelligence · Computer Science 2025-09-16 Aadil Gani Ganie

AI deployment in sensitive domains such as health care, credit, employment, and criminal justice is often treated as unsafe to authorize until model internals can be explained. This often leads to an excessive reliance on mechanistic…

Access control needs have broad design implications, but access control specifications may be elicited before, during, or after these needs are captured. Because access control knowledge is distributed, we need to make knowledge asymmetries…

Cryptography and Security · Computer Science 2025-04-28 Shamal Faily

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

Access control is an important component for web services such as a cloud. Current clouds tend to design the access control mechanism together with the policy language on their own. It leads to two issues: (i) a cloud user has to learn…

Cryptography and Security · Computer Science 2019-03-26 Yang Luo , Qingni Shen , Zhonghai Wu

This paper presents an empirical investigation into the capabilities of Large Language Models (LLMs) to perform automated Attribute-based Access Control (ABAC) policy mining. While ABAC provides fine-grained, context-aware access…

Cryptography and Security · Computer Science 2025-11-25 More Aayush Babasaheb , Shamik Sural

The immense shift to cloud computing has brought changes in security and privacy requirements, impacting critical Identity Management services. Currently, many IdM systems and solutions are accessible as cloud services, delivering identity…

Cryptography and Security · Computer Science 2024-10-30 Ivana Kovacevic , Tamara Rankovic , Milan Stojkov , Milos Simic

AI safety systems face the dual-use dilemma. It is unclear whether to answer dual-use requests, since the same query could be either harmless or harmful depending on who made it and why. To make better decisions, such systems would need to…

Artificial Intelligence · Computer Science 2025-11-26 Evžen Wybitul

In a cloud computing environment, access control policy is an effective means of fortification cloud users and cloud resources services against security infringements. Based on analysis of current cloud computing security characteristics,…

Distributed, Parallel, and Cluster Computing · Computer Science 2013-05-14 Sultan Ullah , Zheng Xuefeng , Zhou Feng

Access control mechanisms have been adopted in many real-world systems to control resource sharing for the principals in the system. An error in the access control policy (misconfiguration) can easily cause severe data leakage and system…

Cryptography and Security · Computer Science 2023-04-18 Bingyu Shen

The risks of frontier AI may require international cooperation, which in turn may require verification: checking that all parties follow agreed-on rules. For instance, states might need to verify that powerful AI models are widely deployed…

Computers and Society · Computer Science 2025-07-29 Mauricio Baker , Gabriel Kulp , Oliver Marks , Miles Brundage , Lennart Heim

A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that…

Cryptography and Security · Computer Science 2009-06-26 Michele Barletta , Silvio Ranise , Luca Viganò

The proliferation of autonomous AI agents within enterprise environments introduces a critical security challenge: managing access control for emergent, novel tasks for which no predefined policies exist. This paper introduces an advanced…

Cryptography and Security · Computer Science 2025-10-14 Charles Fleming , Ashish Kundu , Ramana Kompella

In today's dynamic ICT environments, the ability to control users' access to resources becomes ever important. On the one hand, it should adapt to the users' changing needs; on the other hand, it should not be compromised. Therefore, it is…

Cryptography and Security · Computer Science 2017-03-08 A. S. M. Kayes , Jun Han , Wenny Rahayu , Md. Saiful Islam , Alan Colman

Policy Cards are introduced as a machine-readable, deployment-layer standard for expressing operational, regulatory, and ethical constraints for AI agents. The Policy Card sits with the agent and enables it to follow required constraints at…

Artificial Intelligence · Computer Science 2025-10-29 Juraj Mavračić

The ability to enforce robust and dynamic access controls on cloud-hosted data while simultaneously ensuring confidentiality with respect to the cloud itself is a clear goal for many users and organizations. To this end, there has been much…

Cryptography and Security · Computer Science 2016-04-28 William C. Garrison , Adam Shull , Steven Myers , Adam J. Lee

With the rapid advances in computing and information technologies, traditional access control models have become inadequate in terms of capturing fine-grained, and expressive security requirements of newly emerging applications. An…

Cryptography and Security · Computer Science 2021-02-02 Leila Karimi , Maryam Aldairi , James Joshi , Mai Abdelhakim

Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially…

Cryptography and Security · Computer Science 2014-08-08 Zhongyuan Xu , Scott D. Stoller

While more organizations have been trying to move their infrastructure to the cloud in recent years, there have been significant challenges in how identities and access are managed in a hybrid cloud setting. This paper showcases a novel…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-03-23 Saurabh Deochake , Vrushali Channapattan

Existing methods for verifying access control policies require the policy to be complete and fully determined before verification can proceed, but in practice policies are developed iteratively, composed from independently maintained…

Cryptography and Security · Computer Science 2026-03-16 Alexander V. Gheorghiu