Policies, models, and languages for access control

Lecture Notes in Computer Science

Volumn 3433, Issue , 2005, Pages 225-237

  De Capitani Di Vimercati, Sabrina ^a   Samarati, Pierangela ^a   Jajodia, Sushil ^b  

^a UNIVERSITY OF MILAN   (Italy)

^b GEORGE MASON UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SCIENCE; CONTROL SYSTEMS; DATA PROCESSING; DATABASE SYSTEMS; FORMAL LANGUAGES; INFORMATION TECHNOLOGY; MATHEMATICAL MODELS;

ACCESS CONTROL; EXPRESSIVENESS; POLICIES; REQUESTS;

CONTROL THEORY;

EID: 24644431553     PISSN: 03029743     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1007/978-3-540-31970-2_18     Document Type: Conference Paper

References (35)

1. Apache http server version 2.0. http://www.apache.org/docs-2.0/misc/ tutorials.html.
2. C. Bettini, S. Jajodia, S. Wang, and D. Wijesekera. Provisions and obligations in policy rule management and security applications. In Proc. 28th International Conference on Very Large Data Bases, Hong Kong, China, August 2002.
3. M. Blaze, J. Feigenbaum, J. Ioannidis, and A.D. Keromytis. The role of trust management in distributed systems security. Secure Internet Programming: Issues in Distributed and Mobile Object Systems. Springer Verlag LNCS State-ofthe- Art series, 1998.
4. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proc. of the 1996 IEEE Symposiumon Security and Privacy, Oakland, CA, USA, May 1996.
5. P. Bonatti, S. De Capitani di Vimercati, and P. Samarati. An algebra for composing access control policies. ACM Transactions on Information and System Security, 5(1):1-35, February 2002.
6. P. Bonatti and P. Samarati. A unified framework for regulating access and information release on the web. Journal of Computer Security, 10(3):241-272, 2002.
7. D. Box et al. Web services policy framework (WS-Policy) version 1.1., May 2003. http://msdn.microsoft.com/library/en-us/dnglobspec/html/ws-policy.asp.
8. Y-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss. Referee: trust management forweb applications. WorldWide Web Journal, 2(3):706-734, 1997.
9. E. Damiani, S. De Capitani di Vimercati, C. Fugazza, and P. Samarati. Extending policy languages to the semantic web. In Proc. of the International Conference on Web Engineering, Munich, Germany, July 2004.
10. E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. A fine-grained access control system for XML documents. A CM Transactions on Information and System Security (TISSEC), 5(2): 169-202, May 2002.
11. C.J. Date. An Introduction to Database Systems. Addison-Wesley, 6th edition, 1995.
12. J. DeTreville. Binder, a logic-based security language. In Proc. of the 2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2002.
13. A. Dovier, C. Piazza, E. Pontelli, and G. Rossi. Sets and constraints logic programming. ACM Transactions of Programming Languages and Systems, 22(5):861-931, September 2000.
14. S. Farrell and R. Housley. An internet attribute certificate profile for authorization. RFC 3281, April 2002.
15. E.B. Fernandez, E. Gudes, and H. Song. A model for evaluation and administration of security in object-oriented databases. IEEE Transaction on Knowledge and Data Engineering, 6(2):275-292, 1994.
16. M. Gelfond and V. Lifschitz. The stable model semantics for logic programming. In Proc. of the 5th International Conference and Symposium on Logic Programming, pages 1070-1080, Cambridge, Massachusetts, 1988. The MIT Press.
17. S. Jajodia, M. Kudo, and V.S. Subrahmanian. Provisional authorizations. In Anup Ghosh, editor, E-Commerce Security and Privacy, pages 133-159. Kluwer Academic Publishers, Boston, 2001.
18. S. Jajodia, P. Samarati, M.L. Sapino, and V.S. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(2):214-260, June 2001.
19. T. Jim. Sd3: A trust management system with certified evaluation. In Proc. of the 2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2001.
20. M. Kudoh, Y. Hirayama, S. Hada, and A. Vollschwitz. Access control specification based on policy evaluation and enforcement model and specification language. In Symposium on Cryptograpy and Information Security, SCIS'2000, 2000.
21. C.E. Landwehr. Formal models for computer security. ACM Computing Surveys, 13(3):247-278, 1981.
22. N. Li, B.N. Grosof, and Feigenbaum. Delegation logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security, 6(1):128-171, February 2003.
23. N. Li and J.C. Mitchell. Datalog with constraints: A foundation for trustmanagement languages. In Proc. of the Fifth International Symposium on Practical Aspects of Declarative Languages (PADL 2003), New Orleans, LA, USA, January 2003.
24. N. Li, J.C. Mitchell, and W.H. Winsborough. Design of a role-based trustmanagement framework. In Proc. of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2002.
25. T. Lunt. Access control policies: Some unanswered questions. In IEEE Computer Security Foundations Workshop II, pages 227-245, Franconia, NH, June 1988.
26. OASIS, eXtensible Access Control Markup Language (XACML) Version 1.0, 2003. http://www.oasis-open.org/committees/xacml.
27. OASIS. Security Assertion Markup Language (SAML) V1.1, 2003. http://www.oasis-open.org/committees/security/.
28. OASIS, eXtensible Access Control Markup Language (XACML) Version 2.0, 2004. http://www.oasis-open.org/committees/xacml.
29. F. Rabitti, E. Bertino, W. Kim, and D. Woelk. A model of authorization for next-generation database systems. ACM TODS, 16(1):89-131, March 1991.
30. P. Samarati and S. De Capitani di Vimercati. Access control: Policies, models, and mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, LNCS 2171. Springer-Verlag, 2001.
31. K.E. Seamons, M. Winslett, T. Yu, B. Smith, E. Child, J. Jacobson, H. Mills, and L. Yu. Requirements for policy languages for trust negotiation. In Proc. of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, June 2002.
32. H. Shen and P. Dewan. Access control for collaborative environments. In Proc. Int. Conf. on Computer Supported Cooperative Work, pages 51-58, November 1992.
33. L. Wang, D. Wijesekera, and S. Jajodia. A logic-based framework for attribute based access control. In Proc. of the 2004 ACM Workshop on Formal Methods in Security Engineering, Washington DC, USA, October 2004.
34. D. Wijesekera and S. Jajodia. A prepositional policy algebra for access control. ACM Transactions on Information and System Security, 6(2):286-325, May 2003.
35. T. Yu, M. Winslett, and K.E. Seamons. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security, 6(1):l-42, February 2003.