Automated trust negotiation is a new approach to establishing trust between strangers through the exchange of property-based digital credentials, and the use of mobile access control policies that specify what combinations of credentials a stranger must supply in order to gain access to each local service or credential. In this paper, we show that access control policies can also contain sensit...

With the growth of Enterprises and organizations, the paper-based systems are replaced with software systems. These software systems are built to support a multitude of users with a variety of roles accessing the resources from anywhere and at any time. These operations are regulated through proper definition of Access control policies (Permissions); this plays a major role in protecting the sy...

Wang, Qihua. Ph.D., Purdue University, May 2009. Access Control Policy Management. Major Professor: Ninghui Li. Access control is the traditional center of gravity of computer security [1]. People specify access control policies to control accesses to resources in computer systems. The management of access control policies include policy specification and policy analysis. In this dissertation, ...

Commodity software components are intrinsically untrustworthy. It is highly insecure to use them directly in mission critical systems. Part of the insecurity can be attributed to the common-used but flawed mechanisms for discretionary access control, which is coarsegrained and based on user’s privileges. Many alternative mechanisms have been investigated to provide mandatory access control that...

Wang, Qihua. Ph.D., Purdue University, May 2009. Access Control Policy Management. Major Professor: Ninghui Li. Access control is the traditional center of gravity of computer security [1]. People specify access control policies to control accesses to resources in computer systems. The management of access control policies include policy specification and policy analysis. In this dissertation, ...

Most of current access control systems are not expressive enough for current applications, in the sense that they cannot express several access control policies required by them. Most of these applications have no choice but to build their owned very specific access control systems completely independently from other applications running on the same environment, which entails potential incohere...