Abstract: Situations can arise in which organizations have to merge policies that are based on different access control frameworks, such as Role Based Access Control (RBAC) and Mandatory Access Control (MAC). Integrating policies requires addressing the following question: How will the integration impact access to protected resources? In particular, one needs to determine that the integration d...

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the tradition...

Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...

Provenance access control has been recognized as one of the most important components in an enterprise-level provenance system. However, it has only received little attention in the context of data security research. One important challenge in provenance access control is the lack of an access control language that supports its specific requirements, e.g., the support of both fine-grained polic...

Access Control policies in e-commerce domain can be quite complex, affecting the response time provided to the users. We describe an event-based access control system that can potentially reduce the customer response time by pre-computing the access control rights based on policies.

Access control is an important issue among the security problems of resources in distributed systems. In order to enable entities in distributed systems to understand and interpret policies correctly, common concern is drawn to the problem of expressing access control policies with semantic information. In this paper, we introduce how to express access control policies based on OWL and SWRL. It...

The enforcement of access control policies using cryptography has received considerable attention in recent years and the security of such enforcement schemes is increasingly well understood. Recent work in the area has considered the efficient enforcement of temporal and geo-spatial access control policies, and asymptotic results for the time and space complexity of efficient enforcement schem...

Several researches have been proposed over the past years to specify a selective access control for XML document. However, most of the previous researches only consider read privilege while specifying XML access control when access control policies support update rights is untouched. Therefore, a challenging issue is how to define an XML access control model to handle update operations that inc...

We present and study a Modal Access Control Logic (MACL) to specify and reason about access control policies. We identify canonical properties of well-known access control axioms. We provide a Hilbert-style proof-system and we prove soundness, completeness and decidability of the logic. We present a sound and complete embedding of Modal Access Control Logic into First-Order Logic. We show how t...

Provision of adaptive access control is key to allowing users harness the full potential of ubiquitous computing environments. In this paper, we introduce the M-Zones Access Control (MAC) process, which provides user-centric attribute-based access control, together with automatic reconfiguration of resources in response to the changes in the set of users physically present in the environment. U...