Definition XML access control refers to the practice of limiting access to (parts of) XML data to only authorized users. Similar to access control over other types of data and resources, XML access control is centered around two key problems: (i) the development of formal models for the specification of access control policies over XML data; and (ii) techniques for efficient enforcement of acce...

Standard SQL is insufficiently expressive for representing many access control policies that are needed in practice. Nevertheless, we show how rich forms of access control policies can be defined within SQL when small amounts of contextual information are available to query evaluators. Rather than the standard, relational structure perspective that has been adopted for fine-grained access contr...

In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (certified or uncertified) properties, that clients can present. Since assuming the client to know a-priori the properties she should present to acquire access is clearly limiting, servers should be able to respond to client request...

This thesis evaluates the use of a loadtime metaobject protocol as a practical mechanism for enforcing access control policies upon applications distributed as user-level compiled code. Enforcing access control policies upon user-level compiled code is necessary because there are many situations where users are vulnerable to security breaches because they download and run potentially untrustwor...

XACML is apparently the most convenient way to express attribute-based access control policies. Though XACML has been used in several access control areas, processing XACML policies for attribute-based database access control still has not been studied in depth. In this work we compile XACML policies, and utilize the underlying database access mechanisms such as ACLs to protect sensitive data. ...

The specification of access control policies for large, multi-organization applications is difficult and error-prone. Sophisticated policies are needed for fine-grained control of access to large numbers of entities, resulting in many policies specified by different security administrators. Techniques such as role based access control (RBAC) have been proposed to group policies and provide a fr...

Many different access control policies and models have been developed to suit a variety of goals; these include Role-Based Access Control, One-directional Information Flow, Chinese Wall, Clark-Wilson, N-person Control, and DAC, in addition to more informal ad hoc policies. While each of these policies has a particular area of strength, the notational differences between these policies are subst...

The protection of privacy is an increasing concern in our networked society because of the growing amount of personal information that is being collected by a number of commercial and public services. Emerging scenarios of user-service interactions in the digital world are then pushing toward the development of powerful and flexible privacy-aware models and languages. This paper aims at introdu...