Logical formulas and enumeration are the two major ways for specifying authorization policies in Attribute Based Access Control (ABAC). While considerable research has been done for specifying logical-formula authorization policy ABAC, there has been less attention to enumerated authorization policy ABAC. This paper presents a finite attribute, finite domain ABAC model for enumerated authorizat...

Custom SME applications for collaboration and workflow have become affordable when implemented as Web applications employing Agile methodologies. Security engineering is still difficult with Agile development, though: heavy-weight processes put the improvements of Agile development at risk. We propose Agile security engineering and increased end-user involvement to improve Agile development wit...

Different authorization schemes for Internet applications have been proposed during the last years as solutions for the distributed authorization problem. Because delegation is a concept derived from authorization, this paper studies and put into perspective the delegation implications, issues and concepts that are derived from a number of those authorization schemes. For our study, we have sel...

With the emergence of tighter corporate policies and government regulations, access control has become an integral part of business requirements in enterprises. The authorization process in enterprise systems follow the request-response model, where a policy enforcement point intercepts application requests, obtains authorization decisions from a remote policy decision point, and enforces those...

Though traditional authorization models can ensure the security of equipment, they don’t offer promise both for good quality of service and for strong system robustness. Therefore, this paper presents a semi-distributed authorization model which splits the single decision point into two roles: core-authorization decision point and sub-authorization decision point. In this model, several deci‐ s...

In access control, it is a reasonable requirement that authorization mechanism can be implemented intelligently by logic programs. We propose an authorization framework based on logic programs, ranging from design, analysis, and implementation. Our proposed framework is powerful and useful, with RBAC features, flexible authorization, logic-based formalization and integration of policies. It can...

Prior Authorization Information Pre-service approval is required for all inpatient services for all products. See below for situations where prior authorization may be required or may not be required. Yes indicates that prior authorization is required. No indicates that prior authorization is not required. N/A indicates that this service is primarily performed in an inpatient setting. Outpatien...