Fine-Grained Disclosure of Access Policies
نویسندگان
چکیده
In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (certified or uncertified) properties, that clients can present. Since assuming the client to know a-priori the properties she should present to acquire access is clearly limiting, servers should be able to respond to client requests with information on the access control policies regulating access to the requested services. In this paper, we present a simple, yet flexible and expressive, approach for allowing servers to specify disclosure policies, regulating if and how access control policies on services can be communicated to clients. Our approach allows fine-grain specifications, thus capturing different ways in which policies, and portions thereof, can be communicated. We also define properties that can characterize the client view of the access control policy.
منابع مشابه
A Unified Scheme for Resource Protection in Automated Trust Negotiation
Automated trust negotiation is an approach to establishing trust between strangers through iterative disclosure of digital credentials. In automated trust negotiation, access control policies play a key role in protecting resources from unauthorized access. Unlike in traditional trust management systems, the access control policy for a resource is usually unknown to the party requesting access ...
متن کاملAccess Control Enforcement for Selective Disclosure of Linked Data
The Semantic Web technologies enable Web-scaled data linking between large RDF repositories. However, it happens that organizations cannot publish their whole datasets but only some subsets of them, due to ethical, legal or confidentiality considerations. Different user profiles may have access to different authorized subsets. In this case, selective disclosure appears as a promising incentive ...
متن کاملFormal Reasoning about Fine-Grained Access Control Policies
Nowadays, most of the main database management systems offer, in one way or another, the possibility of protecting data using fine-grained access control (FGAC) policies, i.e., policies that depend on dynamic properties of the system state. Reasoning about FGAC policies typically amounts to answering questions about whether a security-related property holds in a (possibly infinite) set of syste...
متن کاملDynamic Meta-level Access Control in SQL
Standard SQL is insufficiently expressive for representing many access control policies that are needed in practice. Nevertheless, we show how rich forms of access control policies can be defined within SQL when small amounts of contextual information are available to query evaluators. Rather than the standard, relational structure perspective that has been adopted for fine-grained access contr...
متن کاملOn the Correctness Criteria of Fine-Grained Access Control in Relational Databases
Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. This has led to increasing interest in using fine-grained access control, where different cells in a relation may be governed by different access control rules. Although several proposals have been made to support fine-grained access cont...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010