A Policy-Oriented Language for Expressing Security Specifications

  title={A Policy-Oriented Language for Expressing Security Specifications},
  author={Carlos Ribeiro and Paulo Jos{\'e} Azevedo Vianna Ferreira},
  journal={I. J. Network Security},
Organizations’ authorization policies are usually described by access control rules enforced on each protected object scattered all over the organization. Having a single global security policy specification would promote both security clarity and coherency [4, 9, 18, 31, 37]. Having a single security model for the whole organization, a single point of management and enforcement with a innumerous set of unknown users, does not scale well. However, both the policy enforcement and the mapping of… CONTINUE READING
Highly Cited
This paper has 22 citations. REVIEW CITATIONS


Publications referenced by this paper.
Showing 1-10 of 50 references

Uma Plataforma Para Poĺıticas de Autorização Para Organizações

  • C. Ribeiro
  • PhD thesis, Instituto Superior Técnico,
  • 2002
Highly Influential
5 Excerpts

Inside Microsoft Windows 2000

  • D. A. Solomon, M. E. Russinovich
  • Microsoft Press
  • 2000
Highly Influential
4 Excerpts

The Ponder policy specification language,

  • N. Damianou, N. Dulay, E. Lupu, M. Sloman
  • Policy 2001: Workshop on Policies for Distributed…
  • 1995
Highly Influential
13 Excerpts

OASIS eXtensible access control markup language (XACML), OASIS draft version

  • S. Godik, T. Moses
  • 2002
Highly Influential
8 Excerpts

Similar Papers

Loading similar papers…