Search
Now showing items 1-3 of 3
Constraint-enhanced role engineering via answer set programming
(
Association for Computing Machinery
, 2012 , Conference Paper)
Role engineering (RE) aims to develop and maintain appropriate role-based access control (RBAC) configurations. However, RE with constraints in place is not well-studied. Constraints usually describe organizations' security ...
Compliance checking for usage-constrained credentials in trust negotiation systems
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
We propose an approach to placing usage-constraints on RT credentials; issuers specify constraints by designing non-deterministic finite automata. We show by examples that this approach can express constraints of practical ...
Tracking and constraining authorization provenance
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
Authorization provenance concerns how an authorization is derived. It appears important to define authorization provenance to (1) analyze policy bases, (2) defend against a class of attacks, and (3) audit authorizations. ...