enter search term and/or author name
An algebra for composing access control policies
Piero Bonatti, Sabrina De Capitani di Vimercati, Pierangela Samarati
Despite considerable advancements in the area of access control and authorization languages, current approaches to enforcing access control are all based on monolithic and complete specifications. This assumption is too restrictive when access...
Remus: a security-enhanced operating system
Massimo Bernaschi, Emanuele Gabrielli, Luigi V. Mancini
We present a detailed analysis of the UNIX system calls and classify them according to their level of threat with respect to system penetration. Based on these results, an effective mechanism is proposed to control the invocation of critical, from...
An authorization model for temporal and derived data: securing information portals
Vijayalakshmi Atluri, Avigdor Gal
The term information portals refers to Web sites that serve as main providers of focused information, gathered from distributed data sources. Gathering and disseminating information through information portals introduce new security...