Abstract. Access control systems must be evaluated in part on how well they support the Principle of Least Authority (POLA), i.e., how well they enable the distribution of appropriate access rights needed for cooperation, while simultaneously limiting the inappropriate proliferation of access rights which would create vulnerabilities. POLA may be practiced by arrangement of permissions and by abstraction of access. To date, access control systems have been evaluated only by their effectiveness at POLA-by-arrangement. Working in the original capability model proposed by Dennis and van Horn, we show how actual systems have used abstraction to enforce revocation, confinement, and the *-properties—policies whose enforcement has been “proven ” i...
A major drawback of existing access control systems is that they have all been developed with a spec...
System administrators specify the access control policy they want and implement the relevant configu...
Comparing the expressive power of access control models is recognized as a fundamental problem in co...
Abstract. Access control systems must be evaluated in part on how well they enable one to distribute...
Access control is the process of mediating every request to resources and data maintained by a syste...
We present a formal system that models programmable abstractions for access control. Composite abstr...
Motivated by the problem of understanding the difference between practical access control and capabi...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
Access control is the process of mediating every request to data and services maintained by a system...
Access control is the process of mediating every request to data and services maintained by a syste...
Abstract. We present a formal system that models programmable abstractions for access control. Compo...
Any model of access control has two fundamental aims: to ensure that resources are protected from in...
Traditional access controls have evolved from being static and coarse-grained to being dynamic and v...
Access control is the process of mediating every request to data and services maintained by a system...
Access control is the process of mediating every request to resources and data maintained by a syste...
A major drawback of existing access control systems is that they have all been developed with a spec...
System administrators specify the access control policy they want and implement the relevant configu...
Comparing the expressive power of access control models is recognized as a fundamental problem in co...
Abstract. Access control systems must be evaluated in part on how well they enable one to distribute...
Access control is the process of mediating every request to resources and data maintained by a syste...
We present a formal system that models programmable abstractions for access control. Composite abstr...
Motivated by the problem of understanding the difference between practical access control and capabi...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
Access control is the process of mediating every request to data and services maintained by a system...
Access control is the process of mediating every request to data and services maintained by a syste...
Abstract. We present a formal system that models programmable abstractions for access control. Compo...
Any model of access control has two fundamental aims: to ensure that resources are protected from in...
Traditional access controls have evolved from being static and coarse-grained to being dynamic and v...
Access control is the process of mediating every request to data and services maintained by a system...
Access control is the process of mediating every request to resources and data maintained by a syste...
A major drawback of existing access control systems is that they have all been developed with a spec...
System administrators specify the access control policy they want and implement the relevant configu...
Comparing the expressive power of access control models is recognized as a fundamental problem in co...