Application-level access control enforcement of complex policies is suffering from bad performance. This is especially true for search operations when the query results must be filtered by the application according to constraints of access control policies. One approach to reduce this overhead is to incorporate the access control policy in search queries on such data through query rewriting. This poses challenges to what can be expressed as part of such queries when complex policies must be taken into account, especially for expressive policy languages such as XACML. This paper proposes a transformation that converts attribute-based XACML policies to database queries while maintaining original policy semantics. This includes coping with XA...
Applications are increasingly operating on large data sets. This trend creates problems for access c...
Sensitive data are increasingly available on-line through the Web and other distributed protocols. T...
Policy-based access control is a technology that achieves separation of concerns through evaluating ...
Language) is a declarative access control policy language that has unique language constructs for fa...
The eXtensible Access Control Markup Language (XACML) has attracted significant attention from both ...
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud c...
The eXtensible Access Control Markup Language (XACML) is an extensible and flexible XML language for...
The eXtensible Access Control Markup Language (XACML) is an extensible and flexible XML language for...
With the widespread use of web services, there is a need for adequate security and privacy support t...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
Abstract—The advent of emerging technologies such as Web services, service-oriented architecture, an...
Project (M.S., Computer Science)--California State University, Sacramento, 2014This project is a con...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
XACML is being increasingly adopted in large enterprise systems for specifying access control polici...
Access control systems must adjust to evolving business needs, such as accommodating new and...
Applications are increasingly operating on large data sets. This trend creates problems for access c...
Sensitive data are increasingly available on-line through the Web and other distributed protocols. T...
Policy-based access control is a technology that achieves separation of concerns through evaluating ...
Language) is a declarative access control policy language that has unique language constructs for fa...
The eXtensible Access Control Markup Language (XACML) has attracted significant attention from both ...
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud c...
The eXtensible Access Control Markup Language (XACML) is an extensible and flexible XML language for...
The eXtensible Access Control Markup Language (XACML) is an extensible and flexible XML language for...
With the widespread use of web services, there is a need for adequate security and privacy support t...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
Abstract—The advent of emerging technologies such as Web services, service-oriented architecture, an...
Project (M.S., Computer Science)--California State University, Sacramento, 2014This project is a con...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
XACML is being increasingly adopted in large enterprise systems for specifying access control polici...
Access control systems must adjust to evolving business needs, such as accommodating new and...
Applications are increasingly operating on large data sets. This trend creates problems for access c...
Sensitive data are increasingly available on-line through the Web and other distributed protocols. T...
Policy-based access control is a technology that achieves separation of concerns through evaluating ...