Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex policy language with somewhat informal evaluation methods; others try to provide a greater degree of formality (particularly with respect to policy evaluation) but support far fewer features. In short, there are very few proposals that combine a rich set of language features with a well-defined semantics, and even fewer that do this for authorization policies for attribute-based access control in open environments. In this paper, we decompose the problem of policy specification into two distinct sub-langua...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
Abstract — Access control requires authorization rules and constraints. To express access control po...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
A major drawback of existing access control systems is that they have all been developed with a spec...
Despite considerable advancements in the area of access control and authorization languages, current...
Despite considerable advancements in the area of access control and authorization languages, current...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Access control systems are widely used means for the protection of computing systems. They are defin...
We present the design and implementation of a Certified Core Policy Language (ACCPL) that can be use...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
With the widespread use of web services, there is a need for adequate security and privacy support t...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
Abstract — Access control requires authorization rules and constraints. To express access control po...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
A major drawback of existing access control systems is that they have all been developed with a spec...
Despite considerable advancements in the area of access control and authorization languages, current...
Despite considerable advancements in the area of access control and authorization languages, current...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Access control systems are widely used means for the protection of computing systems. They are defin...
We present the design and implementation of a Certified Core Policy Language (ACCPL) that can be use...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
With the widespread use of web services, there is a need for adequate security and privacy support t...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
Abstract — Access control requires authorization rules and constraints. To express access control po...