Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...

We present a model-checking algorithm which can be used to evaluate access control policies, and a tool which implements it. The evaluation includes not only assessing whether the policies give legitimate users enough permissions to reach their goals, but also checking whether the policies prevent intruders from reaching their malicious goals. Policies of the access control system and goals of ...

Applications are continuously increasing in both complexity and number of users they serve. Moreover, the set of applications used by organizations is continuously expanding. This poses challenges, not in the least with regard to access control. More specifically, manageability of access control policies becomes more difficult. This leads to administrative overhead and challenges in enforcing a...

We describe an architecture and algorithms for deriving an access control policy by composing access control requirements specified at multiple levels in a command hierarchy. Our method can detect conflicts in requirements, and find a policy that maximally satisfies the requirements, by satisfying higher priority requirements at the expense of lower priority ones. It also allows for easy verifi...

Although several access control policies can be devised for controlling access to information, all existing authorization models, and the corresponding enforcement mechanisms, are based on a speciic policy (usually the closed policy). As a consequence, although diierent policy choices are possible in theory, in practice only a speciic policy can be actually applied within a given system. Howeve...

The rewrite-based approach provides executable specifications for security policies, which can be independently designed, verified, and then anchored on programs using a modular discipline. In this paper, we describe how to perform queries over these rule-based policies in order to increase the trust of the policy author on the correct behavior of the policy. The analysis we provide is founded ...

Managing access control policies in modern computer systems can be challenging and error-prone, especially when multiple access policies are combined to form new policies, possibly introducing unintended consequences. In this paper we present a framework for automated verification of access control policies. We introduce a formal model for systematically specifying access to resources. We show ...

To facilitate managing access control in a system, access control policies are increasingly written in specification languages such as XACML. A dedicated software component called a Policy Decision Point (PDP) interprets the specified policies, receives access requests, and returns responses to inform whether access should be permitted or denied. To increase confidence in the correctness of spe...

Traceability information systems need to collect and process data from multiple companies across the supply chain and many of the business partners are not known in advance. This open-ended security is, in principle, a good match for a Service-Oriented Architecture (SOA) design and for the use of Web Services (WS) technologies because they implement flexible and inter-operable systems based on ...

Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computing, often require integrating access control policies of collaborating parties. Such an integration must be able to support complex authorization specifications and the finegrained integration requirements that the various parties may have. In this paper, we introduce an algebra for fine-grained i...