EPER: Efficient Parallel Encoding Rules for ASN.1

ions that do not fully grasp the underlying dynamics often create artif “exceptions,” that is, certain cases do not fit smoothly into the framework. The notio a “role” of a person is one example of such an exception, which arises from the fac subjecthood is treated as ontologically prior to the interaction by which it might o come into being. “Roles” are then invented to try to fix this problem by discretizing jecthood. Subject-Object Conceptualizations Having laid out the Lampson matrix, text books would then usually note that this g matrix is impractical to implement directly, and that there are two ways of realizing abstract formulation, which correspond to the two fundamental conceptualizations have been investigated in much detail over the past 25 years: 1. (by column) Object-Centered Realization: For each object, specify which subject have which access rights to it. 2. (by row) Subject-Centered Realization: For each subject, specify which objects can access with which rights. Subject-Subject Conceptualization Shifting to a communication model and making explicit the fact that rights are alw granted by owners of objects, we see that a third logical possibility for realizing Lampson matrix is along the lines of the relationships between the owner of an o and the holder of a right about this object (cf. Figure 9): 3. (by rights relationship) Relationship-Centered Realization: For each relationship between object owners and interested users (“licensees”), specify which rights party holds about the objects covered by this relationship. In other words, we introduce an explicit third entity, a relationship object, as show Figure 9. In the object-centered (ACLs) approach, there are three control objects; subject-centered (capabilities) approach, we get three control objects; and in the tionship-centered (commpacts) approach, we have two control objects in this exa (one for each relationship). 1 So far we have only considered the abstract organizations of control information objects; we have not yet examined the orthogonal question where to place such o 1. The example happens to create fewer objects for the relationship-based realization of this typically sparse matrix than for the other ones. We do not wish to claim that this is necessarily a general property of this realization though. In general, the relationship-based form will have a smaller number of control objects if a lot of objects are governed by a few relationships. A Network-Centric Design for Relationship-Based Rights Management 29 A Network-Centric Architecture for Managing Control Information

[1]  Randall J. Atkinson,et al.  On Internet Authentication , 1994, RFC.

[2]  Alan F. Westin,et al.  Computers, health records, and citizen rights , 1976 .

[3]  Abraham Silberschatz,et al.  Distributed processing of logic programs , 1988, SIGMOD '88.

[4]  Ronald L. Rivest,et al.  SDSI - A Simple Distributed Security Infrastructure , 1996 .

[5]  Henry M. Gladney,et al.  Access control for large collections , 1997, TOIS.

[6]  Luis Gravano,et al.  STARTS: Stanford Protocol Proposal for Internet Retrieval and Search , 1997 .

[7]  Ravi S. Sandhu,et al.  Towards a task-based paradigm for flexible and adaptable access control in distributed applications , 1993, NSPW '92-93.

[8]  Ravi S. Sandhu,et al.  Non-monotonic transformation of access rights , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Victoria Ungureanu,et al.  Unified Support for Heterogeneous Security Policies in Distributed Systems , 1998, USENIX Security Symposium.

[10]  Carl Lagoze,et al.  Implementation Issues in an Open Architectural Framework for Digital Object Services , 1995 .

[11]  O. Williamson,et al.  Markets and Hierarchies: Analysis and Antitrust Implications. , 1977 .

[12]  Benjamin Wright,et al.  Law of Electronic Commerce: EDI, E-Mail and Internet: Technology, Proof and Liability , 1995 .

[13]  R Saracci,et al.  Directive of the European Parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data. The International Epidemiological Association-IEA European Epidemiological Group. , 1995, International journal of epidemiology.

[14]  Ravi S. Sandhu,et al.  On Five Definitions of Data Integrity , 1993, Database Security.

[15]  C. WHITFORD,et al.  IAN MACNEIL ' S CONTRIBUTION TO CONTRACTS SCHOLARSHIP , 2022 .

[16]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[17]  Philip E. Agre,et al.  Surveillance and Capture: Two Models of Privacy , 1994, Inf. Soc..

[18]  Lance Rose Netlaw: Your Rights in the Online World , 1995 .

[19]  R. Aho,et al.  Pruning Duplicate Nodes in Depth-First Search , 1993 .

[20]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[21]  Chris Mitchell,et al.  Security defects in CCITT recommendation X.509: the directory authentication framework , 1990, CCRV.

[22]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[23]  G. Wiederhold,et al.  A security mediator for health care information. , 1996, Proceedings : a conference of the American Medical Informatics Association. AMIA Fall Symposium.

[24]  James G. Williams A shift in security modeling paradigms , 1993, NSPW '92-93.

[25]  Henning Schulzrinne,et al.  Copyright protection for electronic publishing over computer networks , 1995 .

[26]  Luis Gravano,et al.  STARTS: Stanford proposal for Internet meta-searching , 1997, SIGMOD '97.

[27]  Eric Pawson,et al.  The Social Production of Urban Space , 1987 .

[28]  Simon S. Lam,et al.  Authorization in distributed systems: a formal approach , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[29]  Oliver E. Williamson,et al.  Economic organization : firms, markets, and policy control , 1988 .

[30]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[31]  Thomas Beth,et al.  Trust relationships in secure systems-a distributed authentication perspective , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[32]  Terry Winograd,et al.  A Network-Centric Design for Relationship-Based Security and Access Control , 1997, J. Comput. Secur..

[33]  Robert C. Ellickson Of Coase and Cattle: Dispute Resolution Among Neighbors in Shasta County , 1986 .

[34]  Ralf C. Hauser Does licensing require new access control techniques? , 1994, CACM.

[35]  Marc Rotenberg,et al.  Communications privacy: implications for network design , 1993, CACM.

[36]  Marc Rotenberg,et al.  Privacy and the National Information Infrastructure. , 1994 .

[37]  Bruce A. Lehman Intellectual Property and the National Information Infrastructure: The Report of the Working Group on Intellectual Property Rights , 1995 .

[38]  John McLean,et al.  Security models and information flow , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[39]  Leonard J. LaPadula Formal Modeling in a Generalized Framework for Access Control , 1990, CSFW.

[40]  Martín Abadi,et al.  A Calculus for Access Control in Distributed Systems , 1991, CRYPTO.

[41]  Ravi S. Sandhu,et al.  Some Owner Based Schemes With Dynamic Groups In The Schematic Protection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[42]  J. Reidenberg Rules of the Road for Global Electronic Highways: Merging the Trade and Technical Paradigms , 1992 .

[43]  Regis McKenna,et al.  Relationship Marketing: Successful Strategies For The Age Of The Customer , 1991 .

[44]  Butler W. Lampson,et al.  A Global Authentication Service without Global Trust , 1986, 1986 IEEE Symposium on Security and Privacy.

[45]  Ravi S. Sandhu,et al.  Conceptual foundations for a model of task-based authorizations , 1994, Proceedings The Computer Security Foundations Workshop VII.

[46]  Kevin Chen-Chuan Chang,et al.  Boolean Query Mapping Across Heterogeneous Information Sources , 1996, IEEE Trans. Knowl. Data Eng..

[47]  Ross J. Anderson Why cryptosystems fail , 1994, CACM.

[48]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[49]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[50]  David Chaum,et al.  Showing Credentials Without Identification: SIgnatures Transferred Between Unconditionally Unlinkable Pseudonyms , 1985, EUROCRYPT.

[51]  David L. Spooner,et al.  Sharing manufacturing information in virtual enterprises , 1996, CACM.

[52]  Daniel F. Sterne,et al.  On the buzzword 'security policy' , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[53]  Terry Winograd,et al.  Grassroots: providing a uniform framework for communicating, sharing information, and organizing people , 1996, CHI Conference Companion.

[54]  Abraham Silberschatz,et al.  Access-Right Expressions , 1983, TOPL.

[55]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[56]  Weidong Kou Electronic Data Interchange Standards , 1997 .

[57]  Adi Shamir,et al.  On Digital Signatures and Public-Key Cryptosystems. , 1977 .

[58]  John Dobson,et al.  New security paradigms: what other concepts do we need as well? , 1993, NSPW '92-93.

[59]  D. North Institutions, Institutional Change and Economic Performance: Economic performance , 1990 .

[60]  Regis McKenna,et al.  Real Time: Preparing for the Age of the Never Satisfied Customer , 1997 .

[61]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[62]  Press Niso Information Retrieval Application Service Definition and Protocol Specification for Open Systems Interconnection, Z39.50-1995 , 1994 .

[63]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[64]  Mary Ellen Zurko Attribute support for inter-domain use , 1992, [1992] Proceedings The Computer Security Foundations Workshop V.

[65]  Arthur J. Bernstein,et al.  Conditional Capabilities , 1979, IEEE Transactions on Software Engineering.

[66]  William Y. Arms Key concepts in the architecture of the digital library , 1995, D Lib Mag..

[67]  Andreas Paepcke,et al.  The digital library integrated task environment (DLITE) , 1997, DL '97.

[68]  John Linn,et al.  Generic Security Service Application Program Interface , 1993, RFC.

[69]  J. Rubenfeld The Right of Privacy , 1989 .

[70]  Joan Feigenbaum,et al.  REFEREE: Trust Management for Web Applications , 1997, Comput. Networks.

[71]  Benjamin Cox,et al.  NetBill Security and Transaction Protocol , 1995, USENIX Workshop on Electronic Commerce.

[72]  Terry Winograd,et al.  SenseMaker: an information-exploration interface supporting the contextual evolution of a user's interests , 1997, CHI.

[73]  Nathaniel S. Borenstein,et al.  MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies , 1992, RFC.

[74]  R. Preyer Federal Privacy of Medical Information Act. , 1979, Congressional record : proceedings and debates of the ... Congress. United States. Congress.

[75]  Lawrence O'Gorman,et al.  Document marking and identification using both line and word shifting , 1995, Proceedings of INFOCOM'95.

[76]  Marshall D. Abrams,et al.  Rule-based Trusted Access Control , 1992, IFIP International Information Security Conference.

[77]  Don Peppers,et al.  The One to One Future: Building Relationships One Customer at a Time (Будущее персонализации: построение взаимоотношений с одним клиентом) , 1993 .

[78]  Clifford A. Lynch,et al.  The Warwick Framework: A Container Architecture for Aggregating Sets of Metadata , 1996 .

[79]  Stephen Graw,et al.  An Introduction to the Law of Contract , 1993 .

[80]  John Linn,et al.  Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures , 1987, RFC.

[81]  Ravi S. Sandhu,et al.  The schematic protection model: its definition and analysis for acyclic attenuating schemes , 1988, JACM.

[82]  Randy E. Barnett Conflicting Visions: A Critique of Ian Macneil’s Relational Theory of Contract , 1992 .

[83]  Luis Gravano,et al.  The Stanford Digital Library metadata architecture , 1997, International Journal on Digital Libraries.

[84]  Raymond Reiter,et al.  A Logic for Default Reasoning , 1987, Artif. Intell..

[85]  Terry Winograd,et al.  A communication agreement framework for access/action control , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[86]  Dorothy E. Denning,et al.  A new paradigm for trusted systems , 1993, NSPW '92-93.

[87]  Morris Sloman,et al.  Content-dependent access control , 1991, OPSR.

[88]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[89]  E. Goffman Relations in Public: Microstudies of the Public Order , 1971 .

[90]  Panos K. Chrysanthis,et al.  ACTA: a framework for specifying and reasoning about transaction structure and behavior , 1990, SIGMOD '90.

[91]  Kenneth M. Kahn,et al.  Janus: A step towards distributed constraint programming , 1990, NACLP.

[92]  James P Anderson,et al.  Computer Security Technology Planning Study , 1972 .

[93]  John E. Dobson,et al.  Security Models and Enterprise Models , 1988, Database Security.

[94]  Terry Winograd,et al.  Understanding computers and cognition - a new foundation for design , 1987 .

[95]  Andreas Paepcke,et al.  Towards Interoperability in Digital Libraries: Overview and Selected Highlights of the Stanford Digital Library Project , 1997 .

[96]  Raymond T. Nimmer,et al.  Information as a Commodity: New Imperatives of Commercial Law , 1992 .

[97]  Luis Gravano,et al.  The Stanford InfoBus and Its Service Layers: Augmenting the Internet with High-Level Information Management Protocols , 1998, The MeDoc Approach.

[98]  David D. Redell,et al.  NAMING AND PROTECTION IN EXTENDABLE OPERATING SYSTEMS , 1974 .

[99]  Leo Joseph Rotenberg,et al.  Making computers keep secrets , 1973 .

[100]  David Jefferson,et al.  Protection in the Hydra Operating System , 1975, SOSP.

[101]  James G. Williams,et al.  Toward a universal integrity model , 1991, Proceedings Computer Security Foundations Workshop IV.

[102]  Luis Gravano,et al.  Metadata for digital libraries: architecture and design rationale , 1997, DL '97.

[103]  Margaret DeLacy,et al.  Bentham's prison : a study of the panopticon penitentiary , 1994, Law and History Review.

[104]  R. Coase,et al.  The Firm, the Market, and the Law , 1990 .

[105]  Rein Turn Information privacy issues for the 1990s , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[106]  Hector Garcia-Molina,et al.  SCAM: A Copy Detection Mechanism for Digital Documents , 1995, DL.

[107]  Lance J. Hoffman,et al.  The formulary model for flexible privacy and access controls , 1899, AFIPS '71 (Fall).

[108]  Randy E. Barnett A Consent Theory of Contract , 1986 .

[109]  O. Gandy,et al.  Cultural Rights: Technology, Legality and Personality.@@@The Panoptic Sort: A Political Economy of Personal Information. , 1993 .

[110]  James H. Morris Protection in programming languages , 1973, CACM.

[111]  Marc Dacier A Petri net representation of the Take-Grant model , 1993, [1993] Proceedings Computer Security Foundations Workshop VI.

[112]  Terry Winograd,et al.  A network-centric design for relationship-based rights management , 1997 .

[113]  Lawrence O'Gorman,et al.  Electronic marking and identification techniques to discourage document copying , 1994, Proceedings of INFOCOM '94 Conference on Computer Communications.

[114]  Arthur Raphael Miller,et al.  Personal Privacy in the Computer Age: The Challenge of a New Technology in an Information-Oriented Society , 1969 .

[115]  A. A. Bielskis,et al.  Macintosh human interface guidelines , 1992 .

[116]  Computer and Communications Security Reviews , 2022 .

[117]  Carol M. Rose,et al.  Carol M. Rose, Property and Persuasion: Essays on the History, Theory, and Rhetoric of Ownership , Boulder, Colorado: Westview Press, 1994. Pp. ix + 317. $65.00 cloth; $24.50 paper (ISBN 0-8133-8544-7; ISBN 0-8133-8555-5). , 1998, Law and History Review.

[118]  Ravi Sandhu,et al.  Transaction control expressions for separation of duties , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[119]  Reid G. Smith,et al.  The Contract Net Protocol: High-Level Communication and Control in a Distributed Problem Solver , 1980, IEEE Transactions on Computers.

[120]  Steve Kent,et al.  Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management , 1989, RFC.

[121]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[122]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[123]  Paul R. Milgrom,et al.  Economics, Organization and Management , 1992 .

[124]  A. Greif Cultural Beliefs and the Organization of Society: A Historical and Theoretical Reflection on Collectivist and Individualist Societies , 1994, Journal of Political Economy.

[125]  Abe Lockman,et al.  Ensuring integrity by adding obligations to privileges , 1985, ICSE '85.

[126]  Roger M. Needham,et al.  The Cambridge CAP computer and its protection system , 1977, SOSP '77.

[127]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[128]  E. Goffman Behavior in Public Places , 1963 .

[129]  David Chaum,et al.  Achieving Electronic Privacy , 1992 .

[130]  Curtis E. A. Karnow The Encrypted Self: Fleshing Out the Rights of Electronic Personalities, 13 J. Marshall J. Computer & Info. L. 1 (1994) , 1994 .

[131]  R. Sandhu Transformation of access rights , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[132]  A. Retrospective,et al.  The UNIX Time-sharing System , 1977 .

[133]  Eduardo B. Fernandez,et al.  Database Security and Integrity , 1981 .

[134]  Terry Winograd,et al.  Shared Web Annotations as a Platform for Third-Party Value-Added , 1994 .

[135]  R Bjornson,et al.  The people problem. , 1973, Minnesota medicine.

[136]  Ravi S. Sandhu,et al.  Separation of Duties in Computerized Information Systems , 1990, DBSec.

[137]  Kwok-Yan Lam,et al.  Context-Dependent Access Control in Distributed Systems , 1993, SEC.

[138]  Martín Abadi,et al.  Authentication in the Taos operating system , 1994, TOCS.

[139]  L. Thorne McCarty,et al.  Modalities Over Actions, I. Model Theory , 1994, KR.