Search
Now showing items 1-4 of 4
Constraint-enhanced role engineering via answer set programming
(
Association for Computing Machinery
, 2012 , Conference Paper)
Role engineering (RE) aims to develop and maintain appropriate role-based access control (RBAC) configurations. However, RE with constraints in place is not well-studied. Constraints usually describe organizations' security ...
Compliance checking for usage-constrained credentials in trust negotiation systems
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
We propose an approach to placing usage-constraints on RT credentials; issuers specify constraints by designing non-deterministic finite automata. We show by examples that this approach can express constraints of practical ...
Social access control language (SocACL)
(
Association for Computing Machinery
, 2013 , Conference Paper)
Online Social Networks hold vast amounts of readily accessible personal information leaving them particularly vulnerable to privacy breach attacks [6]. With the impact these breaches varying from simply embarrassing the ...
Tracking and constraining authorization provenance
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
Authorization provenance concerns how an authorization is derived. It appears important to define authorization provenance to (1) analyze policy bases, (2) defend against a class of attacks, and (3) audit authorizations. ...