Commodity software components are intrinsically untrustworthy. It is highly insecure to use them directly in mission critical systems. Part of the insecurity can be attributed to the common-used but flawed mechanisms for discretionary access control, which is coarsegrained and based on user’s privileges. Many alternative mechanisms have been investigated to provide mandatory access control that...

Modern distributed systems tend to be conglomerates of heterogeneous subsystems, which have been designed separately, by di erent people, with little, if any, knowledge of each other | and which may be governed by di erent security policies. A single software agent operating within such a system may nd itself interacting with, or even belonging to, several subsystems, and thus be subject to sev...

Online Social Networks (OSNs) offer access control mechanisms to protect users’ sensitive information from undesired accesses. Yet, their information is still vulnerable to disclosure when their friends assign conflicting privacy policies: a user prohibits everyone from accessing his own content or profile but his friends allow others to see it. OSNs tend to select Permit-Take-Precedence when r...

Pervasive-computing infrastructures necessarily collect a lot of context information to disseminate to their contextaware applications. Due to the personal or proprietary nature of much of this context information, however, the infrastructure must limit access to context information to authorized persons. In this paper we propose a new access-control mechanism for event-based contextdistributio...

In Trust Management and attribute-based access control systems, access control decisions are based on the attributes (rather than the identity) of the requester: Access is granted if Alice’s attributes in her certificates satisfy Bob’s access policy. In this paper, we develop a policy-hiding access control scheme that protects both sensitive attributes and sensitive policies. That is, Bob can d...

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

Access control policies (ACPs) characterize the high-level rules according to which the access control of a system is regulated. Generally they are defined separately from the functional requirements (FRs) of an application and added to the system as an afterthought after being built. But, many problems arose during the integration of ACPs and FRs. Hence, over the past years, researchers have s...

Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition...

This paper shows how Policy-Driven Role-Based Access Control (PDRBAC) techniques can be used to extend the Common Data Security Architecture (CDSA). The extensions provide constraint-based access control and are implemented using a flexible policy description language and a new trust policy enforcement mechanism. The expressiveness of the policy description language is demonstrated by examples ...