This paper proposes a D-algebra to compose decisions from multiple access control policies. Compared to other algebra-based approaches aimed at policy composition, D-algebra is the only one that satisfies both functional completeness (any possible decision matrix can be expressed by a D-algebra formula) and computational effectiveness (a formula can be computed efficiently given any decision matrix). The D-algebra has several relevant applications in the context of access control policies, namely the analysis of policy languages decision mechanisms, and the development of tools for policy authoring and enforcement
Security services in a multi-user environment are often based on access control mechanisms. Static a...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
This paper studies logic based methods for representing and evaluating complex access control polici...
This paper proposes a D-algebra to compose decisions from multiple access control policies. Compared...
Security-sensitive environments protect their information resources against unauthorized use by enfo...
Despite considerable advancements in the area of access control and authorization languages, current...
Abstract—Traditional policies often focus on access control re-quirement and there have been several...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps ...
Despite considerable advancements in the area of access control and authorization languages, current...
Abstract—Traditional policies often focus on access control re-quirement and there have been several...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
AbstractConfidentiality of information is an important aspect that developers should take into consi...
Traditional policies often focus on access control requirement and there have been several proposals...
Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computin...
Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computin...
Security services in a multi-user environment are often based on access control mechanisms. Static a...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
This paper studies logic based methods for representing and evaluating complex access control polici...
This paper proposes a D-algebra to compose decisions from multiple access control policies. Compared...
Security-sensitive environments protect their information resources against unauthorized use by enfo...
Despite considerable advancements in the area of access control and authorization languages, current...
Abstract—Traditional policies often focus on access control re-quirement and there have been several...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps ...
Despite considerable advancements in the area of access control and authorization languages, current...
Abstract—Traditional policies often focus on access control re-quirement and there have been several...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
AbstractConfidentiality of information is an important aspect that developers should take into consi...
Traditional policies often focus on access control requirement and there have been several proposals...
Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computin...
Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computin...
Security services in a multi-user environment are often based on access control mechanisms. Static a...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
This paper studies logic based methods for representing and evaluating complex access control polici...