BACKGROUND AND OBJECTIVES Although existing studies suggest that factors affecting families' decisions regarding pediatric organ donation mirror those for adult patients, health professionals working in this area maintain that pediatric and adult decision-makers differ in significant ways. This study compared the request process, experiences, and authorization decisions between family decision-...

We describe an infrastructure for distributed authorization based on the ideas of proof-carrying authorization (PCA). PCA is more general and more flexible than traditional distributed authorization systems. We extend PCA with the notion of goals and sessions, and add a module system to the proof language. Our framework makes it possible to locate and use pieces of the security policy that have...

In systems with shared resources, authorization policy enforcement ensures that these resources are accessible only to users who are allowed to do so. Recently, there is growing interest to (i) extend authorization policy enforcement mechanisms provided by the operating system, and (ii) enable user-space servers to enforce authorization policies on their clients. A popular mechanism for authori...

A reflective approach for modeling and implementing authorization systems is presented. The advantages of the combined use of computational reflection and authorization mechanisms are discussed, and three reflective architectures are examined for pointing out the corresponding merits and defects.

Many organizations struggle with ineffective and/or inefficient access control, but these problems and their consequences often remain invisible to security decision-makers. Prior research has focused on improving the policy-authoring part of authorization and does not consider the full range of underlying problems, and their impact on organizations. We present a study of 118 individuals’ exper...

BACKGROUND Pre-authorization requirements permit managed care organizations control over access to care. Anecdotal reports to the Wisconsin Medicaid program suggest that pre-authorization requirements are so onerous that they are barriers to outpatient mental health care. METHODS Clinicians providing mental health/alcohol and other drug abuse services to Wisconsin Medicaid were surveyed regar...

We study the optimal design of regulation for innovative activities which can have negative social repercussions. compare two alternative regimes may provide firms with different incentives to innovate and produce: lenient authorization strict authorization. find that corruption plays a critical role in choice regime. Corruption exacerbates costs using authorization, under production socially h...

Cryptographic protocols and authorization policies are two leading techniques for securing software systems. The former are concerned with the enforcement of secure communications in distributed systems, while the latter specify which users under which conditions can be granted access to resources of a system. The two have been mostly studied in isolation. Indeed, there are a number of algorith...

Grid systems, which are composed of autonomous domains, are open and dynamic. In such systems, there are usually a large number of users, the users are changeable, and different domains have their own policies. The traditional access control models that are identity based are closed and inflexible. The Attribute Based Access Control (ABAC) model, which makes decisions relying on attributes of r...

The development of adequate security solutions, and in particular of authentication and authorization techniques, for grid computing systems is a challenging task. Recent trends of service oriented architectures (SOA), where users access grids through a science gateway — a web service that serves as a portal between users of a virtual organizations (VO) and the various computation resources, fu...