Learn More
The concept of cohesion in a class has been the subject of various recent empirical studies and has been measured using many different metrics. In the structured programming paradigm, the software engineering community has adopted an informal yet meaningful and understandable definition of cohesion based on the work of Yourdon and Constantine. The(More)
User delegation is a mechanism for assigning access rights available to a user to another user. A delegation operation can either be a grant or transfer operation. Delegation for role-based access control models have extensively studied grant delegations. However, transfer delegations for role-based access control have largely been ignored. This is largely(More)
We introduce the concept of administrative scope in a role hierarchy and demonstrate that it can be used as a basis for role-based administration. We then develop a family of models for role hierarchy administration (RHA) employing administrative scope as the central concept. We then extend RHA<inf>4</inf>, the most complex model in the family, to a(More)
Service-Level Agreements (SLAs) mitigate the risks of a service-provision scenario by associating financial penalties with aberrant service behaviour. SLAs are useless if their provisions can be unilaterally ignored by a party without incurring any liability. To avoid this, it is necessary to ensure that each party's conformance to its obligations can be(More)
Role-based access control and role hierarchies have generated considerable research activity in recent years.In many role-based models the role hierarchy partially determines which roles and permissions are available to users via various inheritance mechanisms.In this paper, we consider the nature of permissions more closely than is customary in the(More)
Traditional authorization policies are user-centric, in the sense that authorization is defined, ultimately, in terms of user identities. We believe that this user-centric approach is inappropriate for many applications, and that what should determine authorization is the relationships that exist between entities in the system. While recent research has(More)
Thirty years after oxygen isotope records from microfossils deposited in ocean sediments confirmed the hypothesis that variations in the Earth's orbital geometry control the ice ages, fundamental questions remain over the response of the Antarctic ice sheets to orbital cycles. Furthermore, an understanding of the behaviour of the marine-based West Antarctic(More)
Ferritin, the main iron-storage protein, is composed of two partially homologous subunits, heavy (H) and light (L), with MrS of 21,000 and 19,000, respectively. We have isolated a cDNA clone for human ferritin H chains by screening a human lymphocyte cDNA library with synthetic oligodeoxyribonucleotides. The oligonucleotide sequences were derived from two(More)
A workflow specification defines a set of steps and the order in which these steps must be executed. Security requirements may impose constraints on which groups of users are permitted to perform subsets of these steps. A workflow specification is said to be satisfiable if there exists an assignment of users to workflow steps that satisfies all the(More)