We consider the problem of developing an abstract metamodel of access control in terms of which policies for protecting a principal’s private information may be specified. Our concern is with developing the formal foundations of our conceptual model. For both the specific access control models and privacy policies, which may be defined in terms of the meta-model, we adopt a combining approach: ...

The growing importance of access control has led to the definition of numerous languages for specifying policies. Since these languages are based on different foundations, language users and designers would benefit from formal means to compare them. We present a set of properties that examine the behavior of policies under enlarged requests, policy growth, and policy decomposition. They therefo...

BACKGROUND Traditional academic assumptions about advance care planning (ACP) include the following: (1) the purpose of ACP is preparing for incapacity; (2) ACP is based on the ethical principle of autonomy and the exercise of control; (3) the focus of ACP is completing written advance directive forms; and (4) ACP occurs within the context of the physician-patient relationship. These assumption...

In India, where energy access is limited, how does the public react to the government’s inability to provide the citizens with basic energy services, such as electricity and clean cooking fuel? We answer this question using a survey conducted in two rural villages of Uttar Pradesh. First, we examine the association between a respondent’s opinion on state intervention and policy failure. Specifi...

Authorization of access to resources is typically viewed as being the responsibility of the applications that access specific resources. This leads to incoherent implementation of security within an organization as the protection of a resource becomes dependent upon the path through which it is accessed. This paper proposes that authorization be provided as a service that is utilized by applica...

The last few years have seen an explosive growth of the e-service offered over the Internet. E-service provision is evolving from a centralized model to a distributed and dynamic one. Identity, rights, non-repudiation, access control and QoS are extremely important aspects in such a distributed e-service framework. This paper briefly describes our distributed trust model that underpins the e-se...

Recently, XACML is a popular access control policy language that is used widely in many applications. Policies in XACML are built based on many components over distributed resources. Due to the expressiveness of XACML, it is not trivial for policy administrators to understand the overall effect and consequences of XACML policies they have written. In this paper we show a mechanism and a tool ho...

The decentralized and anonymous characteristics of P2P environments, necessitates the need for an access control model, based on trust and recommendation. Since peers are heterogeneous, some peers might be malicious and in the absence of a centralized authority to punish such peers, mechanisms for trust and recommendation can help to distinguish between good and bad peers. In this paper we prop...

Most organizations use several security policies to control different systems and data, comprising in this way a global complex policy. These security policies are often scattered over different environments, each one with its own security model and domain of administration, making them difficult to administer and understand. Moreover, some applications (e.g. workflow), often need to cross seve...

Recent events have renewed the debate on the desirability of imposing institutional constraints on government policy. This paper investigates how policy constraints discipline the behavior of discretionary governments in dynamic stochastic monetary economies and evaluates the welfare properties of such restrictions. Across a variety of possible shocks, the best policy is to impose a minimum sur...