Prior Authorization Information Pre-service approval is required for all inpatient services for all products. See below for situations where prior authorization may be required or may not be required for outpatient services. Yes indicates that prior authorization is required. No indicates that prior authorization is not required. N/A indicates that this service is primarily performed in an inpa...

There is great need for a secure, fine-grained, efficient, and user-friendly authorization infrastructure to protect the services in Grid community. Grid users and administrators still have to deal with authentication and authorization issues in the traditional supercomputer-centric fashion, especially with the host account maintenance and certificate management. This paper proposes a capabilit...

This paper describes SecurSight, an architecture that combines authentication, authorization, and secure communications. The primary goal of this architecture is to secure access to network resources, while providing a smooth migration path from legacy authentication and authorization methods to a public-key infrastructure. Authentication may utilize either shared secrets or public/private key ...

Proper authorization is essential for a QoS signaling protocol. The policy control of future QoS signaling solutions is expected to make use of existing AAA infrastructure for computing the authorization decision. In this paper, we point to two approaches for QoS authorization (based on COPS and Diameter) and present possible extensions and directions for future work.

As the Grid paradigm is adopted as a standard way of sharing remote resources across organizational domains, the need for finegrained access control to these resources increases. This paper presents an authorization solution for job submission and control, developed as part of the National Fusion Collaboratory, that uses the Globus Toolkit 2 and the Akenti authorization service in order to perf...

AbstrucfThe integration of object-oriented programming concepts with databases is one of the most significant advances in the evelution of database systems. Many aspects of such a combination have been studied, but there are few models to provide security for this richly structured information. We develop here an authorization model for object-oriented databases. This model consists of a set of...

Providing adequate access control is crucial for the proper execution of any Web Service (WS) orchestration. Typically, access rules and authorization constraints are defined for a WS orchestration and are resolved over an organizational model at runtime in order to find authorized users to perform orchestration tasks. As known from many practical studies, organizational models are frequently s...

In the recent past, a lot of work has been done in establishing public key infrastructures (PKIs) for electronic commerce (e-commerce) applications. Unfortunately, most of these PKIs can only be used to authenticate the participants of e-commerce applications; they can't be used to properly authorize the participants and to control access to system resources accordingly. Consequently, these PKI...

There has been considerable research in specifying authorization policies for XML documents. Most of these approaches consider only hierarchical structure of underlying data. They define authorization policies by directly identifying XML nodes in the policies. These approaches work well for hierarchical structure but are not suitable for other required characteristics we identify in this paper ...

Distributed authorization provides the ability to control access to resources spread over the Internet. Typical authorization systems consider a range of security information like user identities, role identities or even temporal, spatial and contextual information associated with the access requestor. However, the ability to include computing platform related information has been quite limited...