The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...

This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...

This paper proposes an Authorization-Pull support for Community Authorization Services (CAS), an authorization-push model for the Grid authorization by the Globus Alliance, to evaluate it in the role of a pull model. The proposed system tries to evaluate the advantages and use of an authorization-pull model in the grid scenario making use of CAS and compares the same with the push-model origina...

Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the π-calculus so as to...

In this paper, we discuss the design issues for an authorization framework for Web Services. In particular, we describe the features required for an authorization policy language for Web Services. We briefly introduce the authorization service provided by Microsoft .NET MyServices and describe our extended authorization model that proposes extensions to the .NET MyServices authorization service...

Authorization is a key aspect in secure software development of multi-user applications. Authorization is often enforced in the program code with enforcement statements. Since authorization is present in numerous places, defects in the enforcement are difficult to discover. One approach to this challenge is to improve the developer usability with regard to authorization. We analyze how software...