The Bluetooth standard has a provision for mutual authentication of connecting devices but not their actual users and allows access control during connection setup only. We propose a user authorization and pairing (UAP) application, that has the ability to perform authentication and authorization of users using role based model. The pairing procedure, which exchanges link key between devices, i...

Collaboration systems require an appropriate uurhorizarion model to specifL and winrain policies that iiut only facilitate group activities but also enforce restrictions and uccountubility. Existing models fail to incorporate adequately into authorization decisions the rich notion of context rhut is inherent to any collaborative setting. In this paper we present the Locale-based Access Control ...

In authorization-transparent access control, users formulate their queries against the database schema rather than against authorization views that transform and hide data. The Truman and the Non-Truman are two approaches to authorization transparency where in a Truman model, queries that violate the access restrictions are modified transparently by the system to only reveal accessible data, wh...

Trust plays a growing role in research on security in open computing systems, including Grid computing. We propose using trust for authorization in such systems. Traditionally, authentication and authorization in computer systems guard only user interfaces, thus providing only a perimeter defense against attacks. We search for an authentication and authorization approach that satisfies the requ...

RB-RBAC (Rule-Based RBAC) provides the mechanism to dynamically assign users to roles based on a finite set of authorization rules defined by the enterprise's security policy. The RB-RBAC family introduces negative authorization, represented by negative roles, which may bring conflict, and conflict detection and resolution become an import work in RB-RBAC policy management. We proposed a formal...

Object-oriented databases are a recent and important development and many studies of them have been performed. These consider aspects such as data modeling, query languages, performance, and concurrency control. Relatively few studies address their security, a critical aspect in systems like these that have a complex and rich data structuring. We developed previously a model of authorization fo...

Provenance-based Access Control (PBAC) has recently risen as an effective access control approach that can utilize readily provided history information of underlying systems to enhance various aspects of access control in a computing environment. The adoption of PBAC capabilities to the authorization engine of a multi-tenant cloud Infrastructure-as-a-Service (IaaS) such as OpenStack can enhance...

Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management and ability to model organizational structure and their capability to reduce administrative expenses. In this paper, we highlight the drawbacks of latest developed RBAC models in terms of access control and authorization and later provid...

In order to collaborate large numbers of heterogeneous distributed devices over multiple domains within a modern large-scale device collaboration system, a fine-grained, flexible and secure approach is required for device authentication and authorization. This paper proposed a Multiple-Policy supported Attribute-Based Access Control model and its architecture to address these demands. With eXte...

Role-based access control models have attracted appreciable research interest in past time due to their providing some flexibility to security management and ability to model organizational structure and their capability to reduce administrative expenses. In this paper, we explains the drawbacks of RBAC96 model in the aspect of the authorization, access rules and fine-grain access controls in t...