Filters








8,126 Hits in 4.8 sec

Abductive Analysis of Administrative Policies in Rule-Based Access Control

Puneet Gupta, Scott D. Stoller, Zhongyuan Xu
2014 IEEE Transactions on Dependable and Secure Computing  
This paper presents a rule-based access control policy language, a rule-based administrative policy model that controls addition and removal of rules and facts, and a symbolic analysis algorithm for answering  ...  In large organizations, the access control policy is managed by multiple users (administrators). An administrative policy specifies how each user may change the policy.  ...  This has led to the development of attribute-based access control frameworks with rule-based policy languages.  ... 
doi:10.1109/tdsc.2013.42 fatcat:eiwurtou3vhn3p4tfjhdrcllky

Abductive Analysis of Administrative Policies in Rule-Based Access Control [chapter]

Puneet Gupta, Scott D. Stoller, Zhongyuan Xu
2011 Lecture Notes in Computer Science  
This paper presents a rule-based access control policy language, a rule-based administrative policy model that controls addition and removal of rules and facts, and a symbolic analysis algorithm for answering  ...  In large organizations, the access control policy is managed by multiple users (administrators). An administrative policy specifies how each user may change the policy.  ...  This has led to the development of attribute-based access control frameworks with rule-based policy languages.  ... 
doi:10.1007/978-3-642-25560-1_8 fatcat:2qsyrcsxcvbaxk6sqxotn33fc4

Verification techniques for policy based systems

Erisa Karafili, Stephen Pipes, Emil C. Lupu
2017 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)  
In this work, we present a discussion and classification of recent research on verification techniques for policy based systems.  ...  Verification techniques are applied to policy based systems to ensure design correctness and to aid in the discovery of errors at an early stage of the development life cycle.  ...  The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the U.S.  ... 
doi:10.1109/uic-atc.2017.8397415 dblp:conf/uic/KarafiliPL17 fatcat:l7uv7ct6djf5vapb7cyq73zo5i

Enabling Data Sharing in Contextual Environments

Erisa Karafili, Emil C. Lupu
2017 Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies - SACMAT '17 Abstracts  
We introduce the use of abductive reasoning and argumentation based techniques to work with context dependent rules, detect inconsistencies between them, and resolve the inconsistencies by assigning priorities  ...  In this work, we show how such rules can be captured in a formal representation called "Data Sharing Agreements".  ...  We performed the analysis that capture conflicts between DSAs rules with the help of an abductive based tool (A-system).  ... 
doi:10.1145/3078861.3078876 dblp:conf/sacmat/KarafiliL17 fatcat:salrionqajaibcoxemji3qygk4

Argumentation-based policy analysis for drone systems

Erisa Karafili, Emil C. Lupu, Saritha Arunkumar, Elisa Bertino
2017 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)  
We introduce an argumentation-based policy analysis that captures conflicts for which properties have been specified. Our solution allows different rules to take priority in different contexts.  ...  We propose a decision making process that solves the detected conflicts by using a dynamic conflict resolution based on the priorities between rules.  ...  ACKNOWLEDGMENTS Ministry of Defence or the U.K. Government. The U.S. and U.K.  ... 
doi:10.1109/uic-atc.2017.8397414 dblp:conf/uic/KarafiliLAB17 fatcat:4hdrgu4ljncffiydffwwtlpabu

A decision support system for bureaucratic policy administration: An abductive logic programming approach

KayLiang Ong, Ronald M. Lee
1996 Decision Support Systems  
In this paper, we present an approach that uses abductive logic programming for building a decision support system for the administration of bureaucratic policies.  ...  As a result, these policies often consist of many inconsistencies (conflicts) as they evolve because there is no automated means to aid the administrators in detecting inconsistencies.  ...  Acknowledgements We would like to thank the editor, the referees who reviewed this paper as well as those who reviewed the original version of this paper [24] .  ... 
doi:10.1016/0167-9236(94)00054-9 fatcat:bbvlza5hvbdg7ihpk3pmygpx24

Expressive policy analysis with enhanced system dynamicity

Robert Craven, Jorge Lobo, Jiefei Ma, Alessandra Russo, Emil Lupu, Arosha Bandara
2009 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS '09  
Despite several research studies, the effective analysis of policy based systems remains a significant challenge.  ...  We present a logic-based policy analysis framework which satisfies these requirements, showing how many significant policy-related properties can be analysed, and we give details of a prototype implementation  ...  [17] present an approach for the analysis of role-based access control policies written in XACML.  ... 
doi:10.1145/1533057.1533091 dblp:conf/ccs/CravenLMRLB09 fatcat:gacshmoxyndr3oi556javslttm

Access control and the Resource Description Framework: A survey

Sabrina Kirrane, Alessandra Mileo, Stefan Decker, Bernardo Cuenca Grau
2016 Semantic Web Journal  
However, in order to support the next generation of e-business applications on top of Linked Data suitable forms of access control need to be put in place.  ...  This paper provides an overview of the various access control models, standards and policy languages, and the different access control enforcement strategies for the Resource Description Framework (the  ...  A number of well known policy languages, that adopt ontology based, rule based and combined ontology and rule based access control enforcement mechanisms were examined in detail.  ... 
doi:10.3233/sw-160236 fatcat:4b4el2ueozdtvjlzswlsd4p6my

Interactive access control for autonomic systems

Hristo Koshutanski, Fabio Massacci
2008 ACM Transactions on Autonomous and Adaptive Systems  
Servers evaluate their policies and interact with clients until a decision of grant or deny is taken. This proposal is grounded in a formal model on policy-based access control.  ...  It identifies the formal reasoning services of deduction, abduction and consistency. Based on them, the work proposes a comprehensive access control framework for autonomic systems.  ...  INTRODUCTION Controlling access to services is a key aspect of networking and the last few years have seen the domination of policy-based access control.  ... 
doi:10.1145/1380422.1380424 fatcat:esh3lugldbhxjkpnp5jpfx2hl4

Policy-based Management: A Historical Perspective

Raouf Boutaba, Issam Aib
2007 Journal of Network and Systems Management  
A security policy defines the (high-level) rules according to which access control must be regulated.  ...  Estrin's access-control of IONs (1985) The need of policy in network management has first been addressed by Deborah Estrin in 1985 in her access control solution for Inter-Organization Networks (ION) [  ...  An example implementation of domains in structuring access control policy based on capabilities is described in [24] and one based on access control lists is described in [30] .  ... 
doi:10.1007/s10922-007-9083-8 fatcat:cftw6c3tibggvgujqlnlmlyf4q

Methods and Tools for Policy Analysis

Amani Abu Jabal, Maryam Davari, Elisa Bertino, Christian Makaya, Seraphin Calo, Dinesh Verma, Alessandra Russo, Christopher Williams
2019 ACM Computing Surveys  
We conclude the paper by outlining novel research directions in the area of policy analysis. 2.1.1 Role-based Access Control (RBAC).  ...  In this paper, we present an extensive overview of methods for policy analysis.  ...  The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the ocial policies, either expressed or implied, of the U.S.  ... 
doi:10.1145/3295749 fatcat:ujkyr4jeerdxdbeonmh2wnixhy

An Administrative Model for Relationship-Based Access Control [chapter]

Scott D. Stoller
2015 Lecture Notes in Computer Science  
The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.  ...  The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy.  ...  This policy cannot be expressed so concisely in traditional role-based access control (RBAC) or attribute-based access control (ABAC) frameworks.  ... 
doi:10.1007/978-3-319-20810-7_4 fatcat:fkzd32xqjbh5hhvcdy3twxo3me

Multi-agent Confidential Abductive Reasoning

Jiefei Ma, Alessandra Russo, Krysia Broda, Emil Lupu, Marc Herbstritt
2011 International Conference on Logic Programming  
A case study on security policy analysis in distributed coalition networks is described, as an example of many applications of this system.  ...  However, in application domains like multi-agent systems for healthcare or distributed software agents for security policies in coalition networks, confidentiality of knowledge is an additional primary  ...  In a Role-based Access Control (RBAC) system, the permission of an action depends on the role(s) assigned to the subject.  ... 
doi:10.4230/lipics.iclp.2011.175 dblp:conf/iclp/MaRBL11 fatcat:rk3nxbmbqvhbxfo3ysff6ydmfq

Labeled Goal-Directed Search in Access Control Logic [chapter]

Valerio Genovese, Deepak Garg, Daniele Rispoli
2013 Lecture Notes in Computer Science  
BL G sf is more expressive than many other Datalog-based access control logics that also have very efficient decision procedures, and our search procedure finds proofs of authorization quickly in practice  ...  We describe a sound, complete, and terminating procedure for goal-directed proof search in BL G sf , an expressive fragment of a recently presented access control logic, BL sf .  ...  The design space of access control logics is wide, ranging from very expressive, but intractable higher-order logics to restrictive, but efficiently decidable Datalog-based logics.  ... 
doi:10.1007/978-3-642-38004-4_5 fatcat:ez45jznvkzhpraqnbzeq5f3jk4

An argumentation reasoning approach for data processing

Erisa Karafili, Konstantina Spanaki, Emil C. Lupu
2018 Computers in industry (Print)  
The proposed approach is taking into account the DSAs and usage policies as well as the quality attributes of the data, which were previously neglected compared to existing methods in the data processing  ...  Following an argumentation reasoning approach for data processing and building on the theoretical background of data management, we highlight the importance of data sharing agreements (DSAs) and quality  ...  Previous approaches in role-based access control [12] are based on different user roles for data access controls.  ... 
doi:10.1016/j.compind.2017.09.002 fatcat:czkpt6jpgnafljyvnm37rcqdha
« Previous Showing results 1 — 15 out of 8,126 results