User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively studied grant delegations, but transfer delegations have largely been ignored. This is largely because…
Incorporating security requirements into system design models is receiving increasing interest. Access control requirements are an important part of overall system security requirements. Existing approaches that incorporate access control requirements into system design models have directly been developed on top of specific access control models. In these…
Workflow systems have long been of interest to computer science researchers due to their practical relevance. Supporting delegation mechanisms in workflow systems is receiving increasing research interest. In this paper, we conduct a comprehensive study of user delegation operations in computerized workflow systems. In a workflow system, the semantics of a…
Constraints are an important part of role-based access control policies. The safety or security of a system is maintained by enforcing constraints that are specified in the policy. In order to decide whether an access request is authorized, existing constraint enforcement mechanisms perform both authorization checking, which verifies that the requested…
We describe a framework for risk assessment specifically within the context of risk-based access control systems, which make authorization decisions by determining the security risk associated with access requests and weighing such security risk against operational needs together with situational conditions. Our framework estimates risk as a product of…
Certificates have long been used to bind authorization information to an identity or public key. Essentially there are two ways in which a verifying authority (reference monitor) can obtain the information (from a certificate) that is required to make an access control decision: the requesting entity provides the privilege attributes to the verifying…
We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session…
Many access control models have been proposed in the literature, and they have been extensively studied under the acronyms of DAC, MAC, RBAC, ABAC, etc. Each of these models has been studied in isolation, but some real-life situations need elements of several of them, in order to properly express data protection needs of complex organizations. A formal…
We describe a framework for threat assessment specifically within the context of access control systems, where subjects request access to resources for which they may not be pre-authorized. The framework that we describe includes four different approaches for conducting threat assessment: an object sensitivity-based approach, a subject trustworthiness-based…