ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A modular approach to composing access control policies
Full text PdfPdf (659 KB)
Source Conference on Computer and Communications Security archive
Proceedings of the 7th ACM conference on Computer and communications security table of contents
Athens, Greece
Pages: 164 - 173  
Year of Publication: 2000
ISBN:1-58113-203-4
Authors
Piero Bonatti  Dip. Scienze dell'Informazione, Polo di Crema, Università di Milano, Via Bramante 65, 26013 Crema, Italy
Sabrina de Capitani di Vimercati  Dip. Elettronica, Università di Brescia, Via Branze 38, 25123 Brescia, Italy
Pierangela Samarati  Dip. Scienze dell'Informazione, Polo di Crema, Università di Milano, Via Bramante 65, 26013 Crema, Italy
Sponsors
Greek Com Soc : Greek Computer Society
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Athens U of Econ & Business : Athens University of Economics and Business
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 56,   Citation Count: 17
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/352600.352623
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
M. Abadi and L. Lamport. Composing speci~cations. ACM Transactions on Programming Languages, 14(4):1{60, October 1992.
 
2
D. Banisar and S. Davies. Privacy & Human Rights - An International Survey of Privacy Laws and Developments. EPIC, 1999.
3
Elisa Bertino , Sushil Jajodia , Pierangela Samarati, A flexible authorization mechanism for relational data management systems, ACM Transactions on Information Systems (TOIS), v.17 n.2, p.101-140, April 1999  [doi>10.1145/306686.306687]
 
4
Ernesto Damiani , Sabrina de Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Design and implementation of an access control processor for XML documents, Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking, p.59-75, June 2000, Amsterdam, The Netherlands
 
5
H.H. Hosmer. The multipolicy paradigm. In Proc. of the 15th National Computer Security Conference, pages 409{422, Baltimore, MD, October 1992.
 
6
Trent Jaeger, Access control in configurable systems, Secure Internet programming: security issues for mobile and distributed objects, Springer-Verlag, London, 2001
 
7
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian, A Logical Language for Expressing Authorizations, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.31, May 04-07, 1997
8
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian , Eliza Bertino, A unified framework for enforcing multiple access control policies, Proceedings of the 1997 ACM SIGMOD international conference on Management of data, p.474-485, May 11-15, 1997, Tucson, Arizona, United States
9
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981  [doi>10.1145/356850.356852]
 
10
Ninghui Li , Joan Feigenbaum , Benjamin N. Grosof, A Logic-based Knowledge Representation for Authorization with Delegation, Proceedings of the 1999 IEEE Computer Security Foundations Workshop, p.162, June 28-30, 1999
 
11
J. W. Lloyd, Foundations of logic programming, Springer-Verlag New York, Inc., New York, NY, 1984
 
12
T.F. Lunt. Access control policies for database systems. In C.E. Landwehr, editor, Database Security II: Status and Prospects, pages 41{52. North-Holland, 1989.
13
Fausto Rabitti , Elisa Bertino , Won Kim , Darrell Woelk, A model of authorization for next-generation database systems, ACM Transactions on Database Systems (TODS), v.16 n.1, p.88-131, March 1991  [doi>10.1145/103140.103144]
 
14
K. Sagonas, T. Swift, D.S. Warren, J. Freire, and P. Rao. The XSB programmer's manual, version 2.2. http://xsb.sourceforge.net, April 2000.
15
HongHai Shen , Prasun Dewan, Access control for collaborative environments, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.51-58, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143461]
 
16
L. Sterling and E. Shapiro. The art of Prolog. MIT Press, Cambridge, MA, 1997.
 
17
V.S. Subrahmanian, S. Adali, A. Brink, R. Emery, J.J. Lu, A. Rajput, T.J. Rogers, R. Ross, and C. Ward. Hermes: Heterogeneous reasoning and mediator system. http://www.cs.umd.edu/projects/publications/ abstracts/hermes.html.
 
18
T.Y.C. Woo and S.S. Lam. Authorizations in distributed systems: A new approach. Journal of Computer Security, 2(2,3):107{136, 1993.

CITED BY  17
Jonathon E. Tidswell , John M. Potter, A graphical definition of authorization schema in the DTAC model, Proceedings of the sixth ACM symposium on Access control models and technologies, p.109-120, May 2001, Chantilly, Virginia, United States
Horst F. Wedde , Mario Lischka, Modular authorization, Proceedings of the sixth ACM symposium on Access control models and technologies, p.97-105, May 2001, Chantilly, Virginia, United States
Piero Bonatti , Sabrina De Capitani di Vimercati , Pierangela Samarati, An algebra for composing access control policies, ACM Transactions on Information and System Security (TISSEC), v.5 n.1, p.1-35, February 2002
Duminda Wijesekera , Sushil Jajodia, Policy algebras for access control: the propositional case, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Duminda Wijesekera , Sushil Jajodia, Policy algebras for access control the predicate case, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA
Susan Chapin , Don Faatz , Sushil Jajodia , Amgad Fayad, Consistent policy enforcement in distributed systems using mobile policies, Data & Knowledge Engineering, v.43 n.3, p.261-280, December 2002
Duminda Wijesekera , Sushil Jajodia, A propositional policy algebra for access control, ACM Transactions on Information and System Security (TISSEC), v.6 n.2, p.286-325, May 2003
Sushil Jajodia , Duminda Wijesekera, Recent advances in access control models, Proceedings of the fifteenth annual working conference on Database and application security, p.3-15, July 15-18, 2001, Niagara, Ontario, Canada
M. Koch , L. V. Mancini , F. Parisi-Presicce, On the specification and evolution of access control policies, Proceedings of the sixth ACM symposium on Access control models and technologies, p.121-130, May 2001, Chantilly, Virginia, United States
Ninghui Li , Qihua Wang, Beyond separation of duty: an algebra for specifying high-level security policies, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Zhiqiang Lin , Chao Wang , Bing Mao , Li Xie, A policy flexible architecture for secure operating system, ACM SIGOPS Operating Systems Review, v.39 n.3, p.24-33, July 2005
Victoria Ungureanu, Using certified policies to regulate E-commerce transactions, ACM Transactions on Internet Technology (TOIT), v.5 n.1, p.129-153, February 2005
Ninghui Li , Qihua Wang, Beyond separation of duty: An algebra for specifying high-level security policies, Journal of the ACM (JACM), v.55 n.3, p.1-46, July 2008
Adam J. Lee , Jodie P. Boyer , Lars E. Olson , Carl A. Gunter, Defeasible security policy composition for web services, Proceedings of the fourth ACM workshop on Formal methods in security, p.45-54, November 03-03, 2006, Alexandria, Virginia, USA
Angelos D. Keromytis , Jonathan M. Smith, Requirements for scalable access control and security management architectures, ACM Transactions on Internet Technology (TOIT), v.7 n.2, p.8-es, May 2007
Petros Belsis , Stefanos Gritzalis , Sokratis K. Katsikas, Partial and Fuzzy Constraint Satisfaction to Support Coalition Formation, Electronic Notes in Theoretical Computer Science (ENTCS), 179, p.75-86, July, 2007
Qun Ni , Elisa Bertino , Jorge Lobo, D-algebra for composing access control policy decisions, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, March 10-12, 2009, Sydney, Australia

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.7 Database Administration
          Subjects: Security, integrity, and protection

Additional Classification:
  D. Software
  D.1 PROGRAMMING TECHNIQUES
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

  F. Theory of Computation
  F.4 MATHEMATICAL LOGIC AND FORMAL LANGUAGES
      F.4.1 Mathematical Logic
          Subjects: Logic and constraint programming

  I. Computing Methodologies
  I.2 ARTIFICIAL INTELLIGENCE
      I.2.3 Deduction and Theorem Proving
          Subjects: Logic programming

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Performance, Security, Theory


Keywords:
access control, algebra, logic programs, policy composition

Collaborative Colleagues:
Piero Bonatti: colleagues
Sabrina de Capitani di Vimercati: colleagues
Pierangela Samarati: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player