One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing access control security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt different types of access control languages. In this chapter, we review thre...

Recent years have seen unprecedented growth in the popularity of social network systems, with Facebook being an archetypical example. The access control paradigm behind the privacy preservation mechanism of Facebook is distinctly different from such existing access control paradigms as Discretionary Access Control, Role-Based Access Control, Capability Systems, and Trust Management Systems. Thi...

Programmers of relational database applications use software solutions (Hibernate, JDBC, LINQ, ADO.NET) to ease the development process of business tiers. These software solutions were not devised to address access control policies, much less for evolving access control policies, in spite of their unavoidable relevance. Currently, access control policies, whenever implemented, are enforced by i...

The purpose of access control policies in computing is to guarantee that access to resources is solely restricted to legitimate users. This clarity of purpose does not make the design of these policies any easier. Today’s systems are large in size, have many users with different roles and can be accessed from anywhere and at any time. Systems often allowed users to perform actions and read data...

Abstract Access control is a key service of any data management system. It allows regulating the access to resources at different granularity levels on basis models which vary protection options they offer. The more powerful model in terms requirements, difficult for security administrators understand effect set policies protected resources. This further complicated within schemaless systems, l...

  The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...

Traditional access control models often assume that the entity enforcing access control policies is also the owner of data and resources. This assumption no longer holds when data is outsourced to a third-party storage provider, such as the cloud. Existing access control solutions mainly focus on preserving confidentiality of stored data from unauthorized access and the storage provider. Howeve...