Delegation assistance

Proceedings - 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009

Volumn , Issue , 2009, Pages 84-91

  Brucker, Achim D ^a   Petritsch, Helmut ^a   Schaad, Andreas ^a  

^a SAP RESEARCH   (Germany)

Author keywords

Delegation and revocation; Policy enforcement; Security architecture; Security services

Indexed keywords

ACCESS CONTROL MECHANISM; BUSINESS OBJECTS; DELEGATION AND REVOCATION; DISTANCE FUNCTIONS; GEOSPATIAL INFORMATION; INFORMATION SOURCES; IT SYSTEM; POLICY ENFORCEMENT; ROLE HIERARCHY; RUNTIMES; SECURITY ARCHITECTURE; SECURITY SERVICES; SOCIAL NETWORKS;

INFORMATION TECHNOLOGY; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 71049179499     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2009.35     Document Type: Conference Paper

References (17)

1. D. Povey, "Enforcing well-formed and partially-formed transactions for Unix," in Proceedings of the 8th conference on USENIX Security Symposium, vol.8. USENIX Association, 1999, pp. 5-5
2. B. D. Win, F. Piessens, W. Joosen, and T. Verhanneman, "On the importance of the separation-of-concerns principle in secure software engineering," in ACSA Workshop on the Application of Engineering Principles to System Security Design (Serban, C., ed.), 2003, pp. 1-10.
3. T. Priebe and G. Pernul, "Towards OLAP security design: survey and research issues," in Proceedings of the 3rd ACM international workshop on Data warehousing and OLAP. New York, NY USA: ACM Press, 2000, pp. 33-40.
4. V. Atluri and J. Warner, "Supporting conditional delegation in secure workflow management systems," in Proceedings of the tenth ACM symposium on Access control models and technologies (SACMAT). New York, NY USA: ACM Press, 2005, pp. 49-58.
5. "eXtensible Access Control Markup Language (XACML), version 2.0," 2005. [Online]. Available: http://docs.oasis-open.org/xacml/2.0/ XACML-2.0-OS-NORMATIVE.zip
6. L. C. Paulson, ML for the Working Programmer. Cambridge Press, 1996.
7. D. E. Bell and L. J. LaPadula, "Secure computer systems: A mathematical model, volume II," in Journal of Computer Security 4, 1996, pp. 229-263,
8. an electronic reconstruction of Secure Computer Systems: Mathematical Foundations, 1973.
9. D. W. Chadwick and A. Otenko, "The PERMIS X.509 role based privilege management infrastructure," in Proceedings of the seventh ACM symposium on Access control models and technologies (SACMAT). New York, NY USA: ACM Press, 2002, pp. 135-140.
10. C. Ye and Z. Wu, "Using XML and XACML to support attribute based delegation," in CIT '05: Proceedings of the The Fifth International Conference on Computer and Information Technology. Washington, DC, USA: IEEE Computer Society, 2005, pp. 751-756.
11. "Break-glass: An approach to granting emergency access to healthcare systems," Joint NEMA/COCIR/JIRA Security and Privacy Committee (SPC), White paper, 2004.
12. A. D. Brucker and H. Petritsch, "Extending access control models with break-glass," in ACM symposium on access control models and technologies (SACMAT). ACM Press, 2009.
13. J. Warner, V. Atluri, R. Mukkamala, and J. Vaidya, "Using semantics for automatic enforcement of access control policies among dynamic coalitions," in SACMAT, V. Lotz and B. M. Thuraisingham, Eds. New York, NY USA: ACM Press, 2007, pp. 235-244.
14. [13] K. Fisler, S. Krishnamurthi, L. A. Meyerovich, and M. C. Tschantz, "Verification and change-impact analysis of accesscontrol policies," in ICSE, G.-C. Roman, W. G. Griswold, and B. Nuseibeh, Eds. New York, NY USA: ACM Press, 2005, pp. 196-205. (Pubitemid 43283593)
15. J. Bryans, "Reasoning about XACML policies using CSP," in Proceedings of the 2005 workshop on Secure Web services. New York, NY USA: ACM Press, 2005, pp. 28-35.
16. D. Lin, P Rao, E. Bertino, and J. Lobo, "An approach to evaluate policy similarity," in SACMAT, V. Lotz and B. M. Thuraisingham, Eds. New York, NY USA: ACM Press, 2007, pp. 1-10.
17. M. Kohler and A. Schaad, "Pro active access control for business process-driven environments," in Annual Computer Security Applications Conference. Los Alamitos, CA, USA: IEEE Computer Society, 2008, pp. 153-162.