Policies, Models, and Languages for Access Control

Access control is the process of mediating every request to data and services maintained by a system and determining whether the request should be granted or denied. Expressiveness and flexibility are top requirements for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main desiderata for access control systems and illustrate the main characteristics of access control solutions.
