We consider the problem of access privilege management in a classical protection environment featuring subjects attempting to access the protected objects. We express an access privilege in terms of an access right and a privilege level. The privilege level and a protection diagram associated with each given object determine whether a nominal access privilege for this object corresponds to an effective, possibly weaker access privilege, or is revoked. We associate a password system with each object; the password system takes the form of a hierarchical bidimensional one-way chain. A subject possesses a nominal access privilege for a given object if it holds a key that matches one of the passwords in the password system of this object; the pr...
Public key management has received considerable attention from both the research and commercial comm...
With reference to a distributed system consisting of nodes connected by a local area network, we pre...
peer reviewedIn access control frameworks with the possibility of delegating permissions and admini...
Critical infrastructures require protection systems that are both flexible and efficient. Flexibilit...
With reference to a classic protection system featuring active subjects that reference protected obj...
With reference to a protection system featuring active subjects that attempt to access passive, type...
With reference to a distributed system consisting of nodes connected by a local area network, we pr...
With reference to a distributed system consisting of nodes connected by a local area network, we con...
With reference to a distributed environment consisting of nodes connected in an arbitrary network to...
We refer to a key-based protection environment featuring active subjects and protected objects. A su...
We have previously presented a framework for updating privileges and creating management structures ...
In ownership-based access control frameworks with the possibility of delegating permissions and admi...
peer reviewedIn ownership-based access control frameworks with the possibility of delegating permiss...
With reference to an embedded system featuring no support for memory management, we present a model ...
We refer to an access control system based on subjects and objects. Subjects are active entities, e....
Public key management has received considerable attention from both the research and commercial comm...
With reference to a distributed system consisting of nodes connected by a local area network, we pre...
peer reviewedIn access control frameworks with the possibility of delegating permissions and admini...
Critical infrastructures require protection systems that are both flexible and efficient. Flexibilit...
With reference to a classic protection system featuring active subjects that reference protected obj...
With reference to a protection system featuring active subjects that attempt to access passive, type...
With reference to a distributed system consisting of nodes connected by a local area network, we pr...
With reference to a distributed system consisting of nodes connected by a local area network, we con...
With reference to a distributed environment consisting of nodes connected in an arbitrary network to...
We refer to a key-based protection environment featuring active subjects and protected objects. A su...
We have previously presented a framework for updating privileges and creating management structures ...
In ownership-based access control frameworks with the possibility of delegating permissions and admi...
peer reviewedIn ownership-based access control frameworks with the possibility of delegating permiss...
With reference to an embedded system featuring no support for memory management, we present a model ...
We refer to an access control system based on subjects and objects. Subjects are active entities, e....
Public key management has received considerable attention from both the research and commercial comm...
With reference to a distributed system consisting of nodes connected by a local area network, we pre...
peer reviewedIn access control frameworks with the possibility of delegating permissions and admini...