The authorization mechanisms in existing Grids are relatively static, so we present a dynamic authorization mechanism. Through the negotiation between users and resources, the Grid security management entities match the requests of the user and resource according to corresponding stipulations in security policies, form security contracts, and make authorization decisions. In order to reflect wh...

We are interested in the design of policies for virtual communities of agents based on the grid infrastructure. In a virtual community agents can play both the role of resource consumers and the role of resource providers, and they remain in control of their resources. We argue that this requirement imposes a distinction between the authorization to access a resource given by the virtual commun...

The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind SQL authorization. We then discuss two extensions, for explicit metadata privileges and general privilege inference on derived objects. Although these are quite simple and ea...

This paper presents a CORBA Security discretionary prototype developed in the context of JaCoWeb Security Project. JaCoWeb Security Project is developing an authorization scheme for large-scale networks that is based on structures and concepts introduced in Web, Java and CORBA for security. This scheme is being developed in order to deal with management of security policies in large-scale netwo...

Anonymity has been formalized and some metrics have been defined in the scope of anonymizing communication channels. In this paper, such formalization has been extended to cope with anonymity in those scenarios where users must anonymously prove that they own certain privileges to perform remote transactions. In these types of scenarios, the authorization policy states the privileges required t...

As Security is the key of success for Web Applications most of the efforts that have been put in this domain have focused on wining users’ trust to adopt the Web environment for their business operations. Although user trust is of paramount importance for Web applications, one also needs to consider Web applications trust towards users here after referred to as user trustworthiness. This paper ...

This paper presents Policap a Policy Service for distributed applications that use CORBA security model. Policap was proposed for insertion in the JaCoWeb Project context, which is developing an authorization scheme for largescale networks. This scheme is being developed in order to deal with management of security policies in such networks, simplifying authorization policy implementation. The ...

The Web service specifications managing authentication and authorization are still a work in progress. A large-scale application built today is in need of a solid authentication and authorization infrastructure. A role-based authentication, authorization and accounting (AAA) concept is able to provide the services needed, while it is possible to gain additional flexibility to handle the co-oper...

Authorization is still an open problem in Ambient Intelligence environments. The difficulty of implementing authorization policies lies in the open and dynamic nature of such environments. The information is distributed among various heterogeneous devices that collect, process, change and share it. Previous work presented a fully distributed approach for reasoning with conflicts in ambient ...

One crucial aspect of information technology for e-Society is security, where authorization is one of the three important factors, besides availability and integrity. During the past years Role-Based Access Control (RBAC) has been proven a sound method of modeling the authorization within an organization. Recently we introduced a novel distributed concept RBAC which is based on distributed gene...