A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf
.
A Policy-Oriented Language for Expressing Security Specifications
2007
International Journal of Network Security
Organizations' authorization policies are usually described by access control rules enforced on each protected object scattered all over the organization. Having a single global security policy specification would promote both security clarity and coherency [4, 9, 18, 31, 37] . Having a single security model for the whole organization, a single point of management and enforcement with a innumerous set of unknown users, does not scale well. However, both the policy enforcement and the mapping of
dblp:journals/ijnsec/RibeiroF07
fatcat:rhns5spsdrbcxipl72rhxkzjoa