Access control with privacy enhancements a unified approach

IEEE Transactions on Dependable and Secure Computing

Volumn 9, Issue 5, 2012, Pages 670-683

  Barker, Steve ^a   Genovese, Valerio ^b  

^a KING'S COLLEGE LONDON   (United Kingdom)

^b UNIVERSITY OF TURIN   (Italy)

Author keywords

access control; metamodeling; privacy; Security

Indexed keywords

COMPUTATION THEORY; DATA PRIVACY; ELECTRICAL ENGINEERING;

AXIOMATIZING; LOGICAL THEORIES; METAMODELING; MULTIPLE ACCESS CONTROL; PERFORMANCE MEASURE; PRIVACY MODELS; SECURITY; UNIFIED APPROACH;

ACCESS CONTROL;

EID: 84864743963     PISSN: 15455971     EISSN: None     Source Type: Journal    
DOI: 10.1109/TDSC.2012.22     Document Type: Article

References (31)

1. ANSI, "RBAC," iNCITS 359-2004, 2004.
2. M. Backes, M. Dürmuth, and G. Karjoth, "Unification in Privacy Policy Evaluation-Translating EPAL into Prolog," Proc. IEEE Int'l Workshop Policies for Distributed Systems and Networks (POLICY), pp. 185-188, 2004. (Pubitemid 40061198)
3. C. Baral, Knowledge Representation, Reasoning and Declarative Problem Solving. Cambridge Univ. Press, 2003.
4. C. Baral and M. Gelfond, "Logic Programming and Knowledge Representation," J. Logic Programming, vols. 19/20, pp. 73-148, 1994.
5. S. Barker, "The Next 700 Access Control Models or a Unifying Meta-Model?," Proc. ACM Symp. Access Control Models and Technologies (SACMAT), pp. 187-196, 2009.
6. S. Barker, "Personalizing Access Control by Generalizing Access Control," Proc. ACM Symp. Access Control Models and Technologies (SACMAT), pp. 149-158, 2010.
7. S. Barker, M.J. Sergot, and D. Wijesekera, "Status-Based Access Control," ACM Trans. Information and System Security, vol. 12, no. 1, article 1, 2008.
8. S. Barker and P. Stuckey, "Flexible Access Control Policy Specification with Constraint Logic Programming," ACM Trans. Information and System Security, vol. 6, no. 4, pp. 501-546, 2003.
9. M.Y. Becker, C. Fournet, and A.D. Gordon, "SecPAL: Design and Semantics of a Decentralized Authorization Language," J. Computer Security, vol. 18, no. 4, pp. 619-665, 2010.
10. D.E. Bell,L.J. LaPadula,Secure Computer System: Unified Exposition and Multics Interpretation Technical Report MTR-2997. MITRE Corp.1976
11. K. Biba, "Integrity Considerations for Secure Computer Systems," Technical Report MTR-3153, MITRE Corp., 1977.
12. B. Carminati, E. Ferrari, R. Heatherly, M. Kantarcioglu, and B.M. Thuraisingham, "Semantic Web-Based Social Network Access Control," Computers & Security, vol. 30, nos. 2/3, pp. 108-115, 2011.
13. B. Carminati, E. Ferrari, and A. Perego, "Enforcing Access Control in Web-Based Social Networks," ACM Trans. Information and System Security, vol. 13, no. 1, article 6, 2009.
14. J. Clifford, C. Dyreson, T. Isakowitz, C. Jensen, and R. Snodgrass, "On the Semantics of 'Now' in Databases," ACM Trans. Database Systems, vol. 22, no. 2, pp. 171-214, 1997.
15. L.F. Cranor, "P3P: Making Privacy Policies More Useful," IEEE Security & Privacy, vol. 1, no. 6, pp. 50-55, Nov./Dec. 2003.
16. C. Date, An Introduction to Database Systems. Addison-Wesley, 2003.
17. T. Dell'Armi, W. Faber, G. Ielpa, N. Leone, and G. Pfeifer, "Aggregate Functions in Disjunctive Logic Programming: Semantics, Complexity, and Implementation in DLV," Proc. 18th Int'l Joint Conf. Artificial Intelligence (IJCAI), pp. 847-852, 2003.
18. J. DeTreville, "Binder, A Logic-Based Security Language," Proc. IEEE Symp. Security and Privacy, pp. 105-113, 2002. (Pubitemid 34648107)
19. M. Gelfond and V. Lifschitz, "Classical Negation in Logic Programs and Disjunctive Databases," New Generation Computing, vol. 9, pp. 365-385, 1991.
20. S. Jajodia, P. Samarati, M. Sapino, and V. Subrahmaninan, "Flexible Support for Multiple Access Control Policies," ACM Trans. Database Systems, vol. 26, no. 2, pp. 214-260, 2001. (Pubitemid 33661632)
21. T. Jim, "SD3: A Trust Management System with Certified Evaluation," Proc. IEEE Symp. Security and Privacy, pp. 106-115, 2001. (Pubitemid 32882630)
22. K. LeFevre, R. Agrawal, V. Ercegovac, R. Ramakrishnan, Y. Xu, and D.J. DeWitt, "Limiting Disclosure in Hippocratic Databases," Proc. Int'l Conf. Very Large Data Bases, pp. 108-119, 2004.
23. N. Leone and W. Faber, "The Dlv Project: A Tour from Theory and Research to Applications and Market," Proc. Int'l Conf. Logic Programming (ICLP), pp. 53-68, 2008.
24. N. Li, J.C. Mitchell, and W.H. Winsborough, "Design of a Role-Based Trust-Management Framework," Proc. IEEE Symp. Security and Privacy, pp. 114-130, 2002. (Pubitemid 34648108)
25. J. Lloyd, Foundations of Logic Programming. Springer-Verlag, 1987.
26. V.W. Marek and J.B. Remmel, "Guarded Resolution for Answer Set Programming," Theory and Practice of Logic Programming, vol. 11, no. 1, pp. 111-123, 2011.
27. Q. Ni, A. Trombetta, E. Bertino, and J. Lobo, "Privacy-Aware Role Based Access Control," Proc. 12th ACM Symp. Access Control Models and Technologies (SACMAT), pp. 41-50, 2007. (Pubitemid 47281536)
28. B. Russell, The Principles of Mathematics. Cambridge Univ. Press, 1903.
29. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, "Role-Based Access Control Models," Computer, vol. 29, no. 2, pp. 38-47, Feb. 1996.
30. P. Suppes, Representation and Invariance of Scientific Structures. CSLI, 2001.
31. S. Wang and Y. Zhang, "Handling Distributed Authorization with Delegation through Answer Set Programming," Int'l J. Information Security, vol. 6, no. 1, pp. 27-46, 2007. (Pubitemid 44963967)