A semantic access control mechanism is used to provide access permission to the authorized users. Some access control models think about the rich semantic relations between the requested and the availing services. They will not filter out the services that do not met both the service providers’ policies as well as the users’ policies, because they offer only coarse-grained access. To solve this...

Access control has been studied for sometime, and there are a number of theories and techniques for handling access control for single or centralised systems; however, unique and challenging security issues concerning collaboration in the context of service oriented computing (SOC) have arisen due to the dynamic and loosely coupled nature of the environment in which these collaborations are con...

In this paper, we propose a novel approach to facilitate the administration of access control policies to ensure the confidentiality of data at the level of materialized views. A materialized view stores both the definition of the view and the rows resulting from the execution of the view. Several techniques and models have been proposed to control access to databases, but to our knowledge the ...

We propose a framework for enforcing access control policies on published XML documents using cryptography. In this framework the owner publishes a single data instance, which is partially encrypted, and which enforces all access control policies. Our contributions include a declarative language for access policies, and the resolution of these policies into a logical “protection model” which pr...

Access Control systems are used in computer security to regulate the access to critical or valuable resources. The rights of subjects to access such resources are typically expressed through access control policies, which are evaluated at access request time against the current access context. This paper proposes a new approach based on blockchain technology to publish the policies expressing t...

This paper describes how the composition principle of Abadi and Lamport can be applied to specify and compose systems where access control policies are distributed among a hierarchy of agents. Examples of such systems are layered secure operating systems, where the mandatory access control policy is enforced by the lowest system layer and discretionary and application-speciic policies are imple...

This paper analyzes the most common security problems of web application level. A model WALSG (Web Application Level Security Gateway) is presented to provide web application level security. WALSG employs XML Schema to specify access control policies and security policies for HTML pages and cookies. WALSG can also be used as a secure tool to define access control policies and security policies ...

An important issue in mobile computing systems is the administration of locationbased access control policies, particularly the mechanism for specification and enforcement of spatial constraints. Simplifying the administration of such policies requires a mechanism that supports both an intuitive and scalable spatial constraint specification and a flexible enforcement architecture. In this paper...

The emerging mobile computing environment draws new attention to the need for coordination among networked components. The very nature of this environment requires parties to interact even when they have never met before, and subsequent encounters are totally unpredictable. Because mobile networks are often decoupled from any fixed network infrastructure, reliance on centralized servers to auth...