Custom SME applications for collaboration and workflow have become affordable when implemented as Web applications employing Agile methodologies. Security engineering is still difficult with Agile development, though: heavy-weight processes put the improvements of Agile development at risk. We propose Agile security engineering and increased end-user involvement to improve Agile development wit...

Different authorization schemes for Internet applications have been proposed during the last years as solutions for the distributed authorization problem. Because delegation is a concept derived from authorization, this paper studies and put into perspective the delegation implications, issues and concepts that are derived from a number of those authorization schemes. For our study, we have sel...

Relationship-based access control (ReBAC) models define authorization policies and make authorization decisions on the basis of relationships between the entities in a system. We present a framework through which multiple ReBAC model instances can interoperate so that requests initiated in one system may target resources in a second system. Further, our framework is able to support requests pas...

Development of authorization mechanisms for secure information access by a big community of users in an unlock environment is a major trouble in the ever-growing Internet globe. In this paper we intend a computational dynamic trust model for user authorization, deep-rooted in findings from social science. Similar to most existing computational trust models, this model distinguishes trusting bel...

In access control, it is a reasonable requirement that authorization mechanism can be implemented intelligently by logic programs. We propose an authorization framework based on logic programs, ranging from design, analysis, and implementation. Our proposed framework is powerful and useful, with RBAC features, flexible authorization, logic-based formalization and integration of policies. It can...

Prior Authorization Information Pre-service approval is required for all inpatient services for all products. See below for situations where prior authorization may be required or may not be required. Yes indicates that prior authorization is required. No indicates that prior authorization is not required. N/A indicates that this service is primarily performed in an inpatient setting. Outpatien...

Prior Authorization Information Pre-service approval is required for all inpatient services for all products. See below for situations where prior authorization may be required or may not be required for outpatient services. Yes indicates that prior authorization is required. No indicates that prior authorization is not required. N/A indicates that this service is primarily performed in an inpa...

We present the design of a distributed authorization service which parallels existing authentication services for distributed systems. Such a service would operate on top of an authentication substrate. There are two distinct ideas underlying our design: (1) The use of a language, called generalized access control list (GACL), as a common representation of authorization requirements. (2) The us...

Unix is an operating system that began development almost 40 years ago. It has a very simple mechanism for controlling access to protected resources based on the owner-group-world model. This simple model has not attracted much interest from the access control community. In this paper we argue that the Unix access control mechanism has some interesting features of relevance to modern authorizat...