There are considerable number of approaches to policy specification both for security and policy driven network management. This specification sort security policies into two basic types: authorization and obligation policies. Most of the researches in security policies specification over the years focus on authorization policy modelling. In this paper, we report our approach in developing an i...

In order to improve the reliability of remote calibration system, a task-constraint-based access control model named TCBAC is presented according to the characteristic of remote calibration system. TCBAC conducts access control according to task. It defines authorization constraints and execution constraints by the characteristics of task and the relation among tasks. Users can obtain a task au...

This paper considers a security agent based approach to authorization in a distributed environment. A security agent is used to capture the privileges and a part of security policy in distributed authorization. Principals make use of these agents to carry out their requests on remote hosts. Targets verify the authenticity of the security agent and its privileges and use them together with their...

In this paper, we introduce the internet of things and related architecture and protocols, and the family of usage control (UCON) models, which integrate authorizations (A), obligations (B), and conditions (C). The UCON is a generalization of access control to cover authorizations, obligations, conditions, continuity (ongoing controls), and mutability. In the internet of things’ highly dynamic,...

Resource access control in a multi-provider scenario requires an authorization mechanism such that users are granted seamless access to resources (connectivity services, application services and contents) in different provider domains. This paper proposes the integration of a Role-based authorization system in a network service provisioning framework, in order to support multi-provider networks...

This paper describes a security system for authorization in open networks. Authorization means authority to access certain resources, to perform certain operations, or to use certain system functions. In this paper, the authorization system bases on use of attribute certificates. An attribute certificate is a signed object containing authorization attributes of a user. Before checking whether a...

Cryptographic protocols and authorization policies are two leading techniques for securing software systems. The former are concerned with the enforcement of secure communications in distributed systems, while the latter specify which users under which conditions can be granted access to resources of a system. The two have been mostly studied in isolation. Indeed, there are a number of algorith...