A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Filters
A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
2017
IEEE Transactions on Software Engineering
Preserved Fulltext
Policies can use operators that combine, according to different strategies, not-app and indet decisions with the others. ...
To improve code readability, we use the infix notation for operators, a textual notation for permissions and an additional check on the subject role. ...
with formal methods. ...
doi:10.1109/tse.2017.2765640
fatcat:d7lsslgxfbcwzd2ami6e37vxom
A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
[article]
2016
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. ...
Effectiveness and performance of the analysis rely on a semantic-preserving representation of FACPL policies in terms of SMT formulae and on the use of efficient SMT solvers. ...
The tools allow access control system developers to use formally-defined functionalities without requiring them to be familiar with formal methods. ...
arXiv:1612.09339v1
fatcat:usyt5oh2bnbt3m4ie7o67r65ou
Semantic security: specification and enforcement of semantic policies for security-driven collaborations
2009
Studies in Health Technology and Informatics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. ...
to security policy specification and enforcement can address many of the limitations with existing security solutions. ...
The technology that allows us to articulate this relationship, and state formally that a 'nurse' IsA 'healthcare worker' is an ontology, and is key to semantic web technology. ...
pmid:19593058
fatcat:ol7qblybyjdepphdlmvo5rtasm
Access control for local personal smart spaces
2015
2015 Information Security for South Africa (ISSA)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Section 7.3 formally defines the access control model used in the LPSS framework and validates it through the use of scenario-based examples. The chapter is then concluded. ...
and policy sets as well as the rule combining algorithms (RCAs) used in XACML. ...
doi:10.1109/issa.2015.7335056
dblp:conf/issa/GreavesC15
fatcat:hdyghge7djhnxp2wr4ukcqi2ri
HYPERRIDE ICT platform specification
2021
Zenodo
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
A central logic allows to coordinate the needs and capacities of all generators, network operators, end users and stakeholders in the electricity market in order to: optimise the use and operation of resources ...
Measurement sensors, actuators, automation devices, information technology and communication equipment permit to exchange information and to send command, control, and automation signals from the digital ...
Policies are created automatically when defining a role in the IdM (formally written in XACML by the system); however, users are allowed to write custom rules using the Extensible Markup Language (XML) ...
doi:10.5281/zenodo.5537586
fatcat:avm6wndutbfz7cnq7sdpks3uvq
A review of attacks and security approaches in open multi-agent systems
2012
Artificial Intelligence Review
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
A limitation of both conceptual modeling and language-based frameworks is difficulty of formalising realistic policies using annotations. iv Finally, the proposed security-typed LCC is applied to a cloud ...
One way to build large-scale autonomous systems is to develop an open multi-agent system using peer-to-peer architectures in which agents are not pre-engineered to work together and in which agents themselves ...
They have introduced a formal model of distributed monitoring and a formal method and an algorithm to detect maximal malicious group of attackers using a coordination graph (nodes are states and arcs are ...
doi:10.1007/s10462-012-9343-1
fatcat:ppins5fil5hztjftmzbgzknzli
Analysis of ontologies and policy languages to represent information flows in GDPR
2022
Semantic Web Journal
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
This article surveys existing vocabularies, ontologies and policy languages that can be used to represent informational items referenced in GDPR rights and obligations, such as the 'notification of a data ...
. 13 privacy-related policy languages and 9 data protection vocabularies and ontologies are studied in relation to this list of informational items. ...
Acknowledgements This research has been supported by European Union's Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813497 (PROTECT). ...
doi:10.3233/sw-223009
fatcat:k6ne3yxrobbp3msouvh5ufadda
Extended Policy-Based Management Framework to Provide Always Best Connected Services in Heterogeneous Mobile Environments
[article]
2009
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We present performance analysis to validate our architectural approach. ...
Sometimes referred to as 4th generation (4G) networks, the overall objective of this research is to provide a managed Always Best Connected (ABC) service over underlying heterogeneous wireless and mobile ...
[143] proposed a method to detect a modality conflict in the RBAC model by using a decision table. ...
doi:10.26021/2135
fatcat:pmkd5tojxzb6hcutkwarf5co5i
Identity Management in Business Process Modelling: A Model-Driven Approach
2009
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
The modelling of business processes is widely used in enterprises. ...
Due to the business-driven background of access control, this kind of requirement should be collected at the business site's business process model. ...
Access permissions can be specified for methods and method categories at a technical level. A Java-based tool allows the generation of XACML policies. ...
doi:10.5445/ir/1000009885
fatcat:g5runmdgbvdvhgh72igt3ftt3u
A Security Gateway for Web Service Protocols
2007
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We use Description Logics (DL) to provide a formalisation of XACML. At the root of all XACML policies is a Policy or a PolicySet. ...
XACML enables the use of arbitrary attributes in policies, allows for the expression of "deny" policies and enables the use of hierarchical RBAC. ...
This makes it easy to use the Prefuse graphs and trees in our management tools. The following code helps with the integration of Prefuse graphs into our approach. ...
doi:10.5445/ir/1000007201
fatcat:krgy5grbq5ad3fgrm2jtuf34s4
On harnessing information models and ontologies for policy conflict analysis
2009
2009 IFIP/IEEE International Symposium on Integrated Network Management
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Policy renement and policy verication/validation have been integrated into the policy authoring process in this thesis, but more research is required to realise these processes for use with the formalised ...
There is a very well dened method of searching and transforming the elements of this set using the formal approach taken. Maps are used to describe relationships between sets of entities. ...
doi:10.1109/inm.2009.5188889
dblp:conf/im/DavyJS09
fatcat:ga4r3yt6inasbjt4qgabwls7tm
Security Mechanisms for Workflows in Service-Oriented Architectures
2015
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In addition, XACML defines a format for decision requests and results. An RBAC profile [And05, Ris14b] 7 describes how to encode role-based authorisation policies using XACML. ...
By now, RBAC has become a formal standard in the United States [ANSI04] . The RBAC reference model includes users, roles, permissions and sessions. ...
ID created by the PEP-HT, • the information that the task has not yet been performed and no user has claimed it, and • the callback URL that will be used to inform the workflow when the task has been ...
doi:10.5445/ir/1000050957
fatcat:azkda2l6vngojeivnxrot5omgi
Policy and Security Configuration Management in Distributed Systems New Technologies and Mathematical Methods XXVII Cycle
2015
Mechatronics, Information Technology
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
[40] use OWL [80] to formalise Role Based Access Control (RBAC) [101] . ...
The idea of having explicit role authorizations was presented in the original proposals for RBAC models. The XACML profile for RBAC uses the same approach, with two suggested kinds of XACML rules. ...
In order to manage, in a flexible way, the refinement process we have decided to adopt the same approach of policy enrichment, thus we have implemented the refinement process with the use of an extension ...
fatcat:ilmkkhy5d5ag3h3jdddfkux664
ICCGI 2015 The Tenth International Multi-Conference on Computing in the Global Information Technology
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We also kindly thank all the authors that dedicated much of their time and effort to contribute to ICCGI 2015. ...
We hope ICCGI 2015 was a successful international forum for the exchange of ideas and results between academia and industry and to promote further progress in the field of computing in the global information ...
The authors want to thank Lars Ackermann and Stefan Schönig, both with University of Bayreuth.
ACKNOWLEDGMENT This work was supported by KAKENHI 15H02686. ...
fatcat:lf5jdtpy5fdqzl6gr43ou7hrbu