[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Bibliography on access control and policies
Attached is a bibliography on access control, access control policy, and access control policy languages. There are some annotations and some abstracts included. Michiharu, could you perhaps add this to the documents section? Perhaps we could update it with additional "background" works as we go along. Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
@TechReport{abadi:3,
author = {M. Abadi and M. Burrows and B. Lampson and G. Plotkin},
title = {A Calculus for Access Control in Distributed Systems},
institution = {Digital Equipment Corporation},
year = {1991},
address = {\htmladdnormallink{http://gatekeeper.dec.com/pub/DEC/SRC/research-reports/abstracts/src-rr-070.html}{http://gatekeeper.dec.com/pub/DEC/SRC/research-reports/abstracts/src-rr-070.html}},
month = {Aug},
note = {cited in \cite{abadi:4}}
}
@TechReport{adams:1,
author = {Carlisle Adams},
title = {{XACML} Policy Proposal},
institution = {{OASIS}},
year = {2001},
address = {\htmladdnormallink{http://www.oasis-open.org/committees/xacml/docs/xacmlprop.doc}{http://www.oasis-open.org/committees/xacml/docs/xacmlprop.doc}},
month = {Jun},
note = {Proposes the X.509 PrivilegePolicy syntax from non-normative annex, translated into XML}
}
@TechReport{anderson:16,
author = {Anne Anderson},
title = {Java[TM] Access Control Mechanisms}
institution = {Sun Microsystems Laboratories},
year = {2002},
type = {Technical Report},
number = {2002-0134},
month = {March}
}
@InProceedings{bai:1,
author = {Yun Bai and Vijay Varadharajan},
title = {A Logic for State Transformations in Authorization Policies},
booktitle = {Proceedings of the 10th Computer Security Foundations Workshop},
year = {1997},
address = {\htmladdnormallink{http://computer.org/proceedings/csfw/7990/79900173abs.htm}{http://computer.org/proceedings/csfw/7990/79900173abs.htm}},
abstract = {In a multi-user, information-sharing system, authorization policy provides the ability to limit and control access to system, applications and information. In the real world, an authorization policy has temporal properties. That is, it needs to be updated to capture the changing requirements of applications, systems and users. These updates are implemented via transformation of authorization policies. In this paper, we propose a logic based approach to specify and to reason about state transformations in authorization policies. The authorization policy is specified using a policy base which comprises a finite set of facts and access constraints. We define the structure of the policy transformation and employ a model-based semantics to perform the transformation under the principle of minimal change. Furthermore, we extend model-based semantics by introducing preference ordering to resolve possible conflicts during transformation of policies. We also discuss the implementation of the model based transformation approach and outline the relevant algorithms.},
note = {{IEEE} {CS} {DL}}
}
@TechReport{baize:1,
author = {Eric Baize and Stephen Farrell},
title = {The {SESAME} V5 {GSS}-{API} Mechanism},
institution = {{IETF} {CAT} Working Group},
year = {1996},
address = {\htmladdnormallink{http://choices.cs.uiuc.edu/Security/nephilim/draft-ietf-cat-sesamemech-02.txt}{http://choices.cs.uiuc.edu/Security/nephilim/draft-ietf-cat-sesamemech-02.txt}},
month = {Nov},
note = {draft-ietf-cat-sesamemech-02.txt}
}
@InProceedings{baldwin:1,
author = {R. W. Baldwin},
title = {Naming and Grouping Privileges to Simplify Security Management in Large Databases},
booktitle = {Proceedings of the 1990 {IEEE} Symposium on Security and Privacy},
pages = {116-132},
year = {1990},
month = {May},
note = {on {IEEE} Symposium on Security and Privacy {CD}; cited in \cite{didriksen:1} as source for his role concept}
}
@InProceedings{barkley:1,
author = {John Barkley},
title = {Comparing Simple Role Based Access Control Models and Access Control Lists},
booktitle = {Second {ACM} Workshop on Role-Based Access Control},
year = {1997},
address = {\htmladdnormallink{http://hissa.ncsi.nist.gov/rbac/iirf.ps}{http://hissa.ncsi.nist.gov/rbac/iirf.ps}},
organization = {{ACM}}
}
@TechReport{bell:1,
author = {D. E. Bell and L. J. La~Padula},
title = {Secure computer systems: mathematical foundations},
institution = {{MITRE} Corp, Bedford, {MA}},
year = {1973},
number = {{MTR}-2547, vol.1-2},
address = {\htmladdnormallink{http://www.mitre.org/resources/centers/infosec/infosec.html}{http://www.mitre.org/resources/centers/infosec/infosec.html}},
note = {Bell-LaPadula model}
}
@InProceedings{bina:1,
author = {E. Bina and V. Jones and R. McCool and M. Winslett},
title = {Secure Access to Data Over the Internet},
booktitle = {Proceedings of the 3rd {ACM}/{IEEE} International Conference on Parallel and Distributed Information Systems, Austin, Texas},
year = {1994},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/SecureDBAccess.ps}{http://drl.cs.uiuc.edu/pubs/SecureDBAccess.ps}},
month = {Sep}
}
@InProceedings{blaze:1,
author = {Matt Blaze and J. Feigenbaum and J. Lacy},
title = {Decentralized Trust Management},
booktitle = {Proceedings of the 17th Symposium on Security and Privacy},
pages = {164-173},
year = {1996},
note = {cited in \cite{abadi:4}}
}
@InBook{blaze:3,
author = {Matt Blaze and Joan Feigenbaum and John Ioannidis and Angelos D. Keromytis},
editor = {Jan Vitek and Christian Jensen},
title = {Secure Internet Programming: Security Issues for Mobile and Distributed Objects},
chapter = {The Role of Trust Management in Distributed Systems Security},
publisher = {Springer-Verlag Inc, New York, {NY}, {USA}},
address = {\htmladdnormallink{http://www.cis.upenn.edu/$\sim$angelos/Papers/SIP99-trustmgt.ps.gz}{http://www.cis.upenn.edu/~angelos/Papers/SIP99-trustmgt.ps.gz}},
year = {??},
note = {{Has good overview of the various PolicyMaker and KeyNote papers, along with a comparison to {REFEREE}.}{Does not solve problem of certificate lookup, when certs are key and not name-oriented.}}
}
@InProceedings{blaze:4,
author = {Matt Blaze and Joan Feigenbaum and Martin Strauss},
title = {Compliance Checking in the PolicyMaker Trust Management System},
booktitle = {Financial Cryptography 1998, Anguila},
address = {\htmladdnormallink{http://www.cis.upenn.edu/$\sim$angelos/\-Misc/\-Compliance\_checking\_in\_the\_PolicyMaker\_trust\_management\_system.ps.gz}{http://www.cis.upenn.edu/~angelos/Misc/Compliance\_checking\_in\_the\_PolicyMaker\_trust\_management\_system.ps.gz}},
year = {1998}
}
@TechReport{blaze:8,
author = {Matt Blaze and John Ioannidis and Angelos D. Keromytis},
title = {Compliance Checking and {IPSEC} Policy Management},
institution = {{IETF}},
year = {2000},
address = {\htmladdnormallink{http://www.crypto.com/papers/draft-blaze-ipsp-trustmgt-XX.txt}{http://www.crypto.com/papers/draft-blaze-ipsp-trustmgt-XX.txt}},
month = {Mar},
note = {draft-blaze-ipsp-trustmgt-00.txt}
}
@TechReport{blaze:9,
author = {M. Blaze and A. Keromytis and M. Richardson and L. Sanchez},
title = {IPsec Policy Architecture},
institution = {{IETF}},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/ipsp-charter.html}{http://www.ietf.org/html.charters/ipsp-charter.html}},
month = {Jul},
note = {draft-ietf-ipsp-arch-00.txt}
}
@TechReport{blaze:10,
author = {M. Blaze and J. Feigenbaum and J. Ioannidis and A. Keromytis},
title = {The KeyNote Trust-Management System Version 2},
institution = {{IETF}},
year = {1999},
type = {Informational {RFC}},
number = {2704},
address = {\htmladdnormallink{ftp://ftp.isi.edu/in-notes/rfc2704.txt}{ftp://ftp.isi.edu/in-notes/rfc2704.txt}},
month = {Sep},
note = {{Has detailed KeyNote syntax.}{KeyNote does more work in the trust-mgmt system than PolicyMaker, such as certificate verification and attribute checking; PolicyMaker has application do these.}}
}
@InProceedings{chen:1,
author = {F. Chen and R. S. Sandhu},
title = {Constraints for Role-Based Access Control},
booktitle = {Proceedings of the 1st {ACM}/{NIST} Role Based Access Control Workshop, Gaithersburg, Maryland, {USA}},
year = {1995},
publisher = {{ACM} Press},
note = {cited in \cite{damianou:1}. Uses OCL \cite{uml:1}.}
}
@InProceedings{ching:1,
author = {N. Ching and V. Jones and M. Winslett},
title = {Authorization in the digital library: Secure access to services across enterprise boundaries},
booktitle = {Proceedings of {ADL} '96 -- Forum on Research and Technology Advances in Digital Libraries},
year = {1996},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/adl96.ps}{http://drl.cs.uiuc.edu/pubs/adl96.ps}},
month = {May}
}
@InProceedings{cholvy:1,
author = {L. Cholvy and F. Cuppens},
title = {Analyzing Consistency of Security Policies},
booktitle = {Proceedings of the {IEEE} Symposium on Security and Privacy ({SP}'97)},
year = {1997},
organization = {{IEEE}}
}
@Article{chu:1,
author = {Y.~-H. Chu and J. Feigenbaum and B. LaMacchia and P. Resnick and M. Strauss},
title = {{REFEREE}: Trust Management for Web Applications},
journal = {World Wide Web Journal},
year = {1997},
volume = {2},
pages = {127-139},
address = {\htmladdnormallink{http://www.farcaster.com/papers/www6-referee/www6-referee.htm}{http://www.farcaster.com/papers/www6-referee/www6-referee.htm}},
note = {probably KeyNote stuff, since Feigenbaum}
}
@TechReport{cistnrc:1,
author = {{Committee on Information Systems Trustworthiness}},
title = {Trust in Cyberspace},
institution = {National Research Council},
year = {1999},
address = {\htmladdnormallink{http://www.nap.edu/readingroom/books/trust/index.htm}{http://www.nap.edu/readingroom/books/trust/index.htm}},
note = {entire book is on-line; covers authorization}
}
@TechReport{cohen:1,
author = {Fred Cohen},
title = {Introductory Information Protection},
institution = {Fred Cohen and Associates},
year = {1995},
address = {\htmladdnormallink{http://www.all.net/books/ip/top.html}{http://www.all.net/books/ip/top.html}},
note = {Good policy coverage in Chapter 4}
}
@InProceedings{cole:1,
author = {James Cole and John Derrick and Zoran Milosevic and Kerry Raymond},
title = {Policies in an Enterprise Specification},
booktitle = {Policy2001 Workshop, {HP} Labs, Bristol, {UK}},
year = {2001},
month = {Jan}
}
@TechReport{condell:1,
author = {M. Condell and C. Lynn and J. Zao},
title = {Security Policy Specification Language},
institution = {{IETF} {IP} Security Working Group},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/ipsp-charter.html}{http://www.ietf.org/html.charters/ipsp-charter.html}},
month = {Mar},
note = {draft-ietf-ipsp-spsl-00.txt}
}
@InProceedings{cuppens:1,
author = {Frederic Cuppens and Claire Saurel},
title = {Specifying a Security Policy: A Case Study},
booktitle = {1996 {IEEE} Computer Society Computer Security Foundations Workshop ({CSFW}9)},
pages = {123-135},
year = {1996},
address = {\htmladdnormallink{http://www.cert.fr/francais/deri/cuppens/csfw96.ps}{http://www.cert.fr/francais/deri/cuppens/csfw96.ps}},
organization = {{IEEE} Computer Society},
note = {referenced in \cite{ribeiro:1} as only example of language supporting concept of obligation}
}
@InProceedings{didriksen:1,
author = {Tor Didriksen},
title = {Rule Based Database Access Control - A Practical Approach},
booktitle = {Proceedings of the 2nd {ACM} Workshop on Role-based Access Control},
key = {application, assumed, routing, authorization, con, columns, protected, automatically, aspects, database table {USER}, fragment {TRUNKPROG} foreign, Database Language {SQL}, database table {ORGUNIT}, Entire Table Fragmentation, introduces database rules, users bro},
pages = {143-151},
year = {1997},
month = {Nov},
address = {\htmladdnormallink{http://www.acm.org/pubs/articles/proceedings/commsec/266741/p143-didriksen/p143-didriksen.pdf}{http://www.acm.org/pubs/articles/proceedings/commsec/266741/p143-didriksen/p143-didriksen.pdf}},
abstract = {There is typically a large semantic gap between the security
policies of an organization and the available
access control language of a {DBMS}. Some of the
access constraints are handled by the database
management system, while some constraints can only
be enforced by the applications. It is desirable to
move more of the access control into the database.
This would simplify the job of the security
administrator, and would also simplify the
development and maintenance of applications. Entire
Table Fragmentation For tables which are owned
entirely by a single organizational unit we may
specify the owner directly, or indirectly via an
owner table.},
note = {{ACM} {DL}}
}
@TechReport{damianou:1,
author = {Nicodemos Damianou and Naranker Dulay and Emil Lupu and Morris Sloman},
title = {The Ponder Policy Specification Language},
institution = {Dept. of Computing, Imperial College, London},
year = {2000},
number = {V5},
address = {\htmladdnormallink{http://www.doc.ic.ac.uk/$\sim$mss/Papers/Ponder-summary.pdf}{http://www.doc.ic.ac.uk/~mss/Papers/Ponder-summary.pdf}},
month = {Aug},
note = {Very similar to \cite{damianou:5}}
}
@TechReport{damianou:2,
author = {Nicodemos Damianou},
title = {Ponder A Policy Language for Distributed Systems Management},
institution = {Dept. of Computing, Imperial College, London},
year = {2000},
address = {\htmladdnormallink{http://www.doc.ic.ac.uk/Research/policies/ponder.html}{http://www.doc.ic.ac.uk/Research/policies/ponder.html}},
month = {Jul},
note = {Web site for Ponder}
}
@TechReport{damianou:3,
author = {Nicodemos Damianou and Naranker Dulay and Emil Lupu and Morris Sloman},
title = {Ponder: A Language for Specifying Security and Management Policies for Distributed Systems; The Language Specification, Version 2.3},
institution = {Dept. of Computing, Imperial College, London},
year = {2000},
type = {Imperial College Research Report},
number = {DoC 2001},
address = {\htmladdnormallink{http://www-dse.doc.ic.ac.uk/Research/policies/files/PonderSpec.pdf}{http://www-dse.doc.ic.ac.uk/Research/policies/files/PonderSpec.pdf}},
month = {Oct},
note = {Version 2.3}
}
@TechReport{damianou:4,
author = {Nicodemos Damianou},
title = {The Policy Framework},
institution = {Dept. of Computing, Imperial College, London},
year = {1999},
address = {\htmladdnormallink{http://www-dse.doc.ic.ac.uk/Research/policies/PolicyFramework.html}{http://www-dse.doc.ic.ac.uk/Research/policies/PolicyFramework.html}},
month = {Nov}
}
@InProceedings{damianou:5,
author = {Nicodemos Damianou and Naranker Dulay and Emil Lupu and Morris Sloman},
title = {The Ponder Policy Specification Language},
booktitle = {Proceedings of Policy 20001: Workshop on Policies for Distributed Systems and Networks, {HP} Labs, Bristol, {UK}},
pages = {17-28},
year = {2001},
volume = {1995},
series = {LNCS},
address = {\htmladdnormallink{http://www.doc.ic.ac.uk/$\sim$mss/Papers/Ponder-Policy01V5.pdf}{http://www.doc.ic.ac.uk/~mss/Papers/Ponder-Policy01V5.pdf}},
month = {Jan},
publisher = {Springer-Verlag},
note = {Very similar to \cite{damianou:1}}
}
@TechReport{drl:1,
author = {{Database Research Laboratory}},
title = {Internet Credentials Demonstration: a secure version of the {ACM} {SIGMOD} Record},
institution = {University of Illinois},
year = {1997},
key = {Database},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/security/credentials/info/index.html}{http://drl.cs.uiuc.edu/security/credentials/info/index.html}},
month = {Jan},
note = {The references section has lots of related work, most of which I have entered into this bibliography. The review of "related work" may also be helpful to us.}
}
@TechReport{durham:1,
author = {D Durham and others},
title = {The {COPS} (Common Open Policy Service) Protocol},
institution = {IETF},
year = {2000},
type = {RFC},
number = {2748},
month = {Jan}
}
@TechReport{ecma:219,
author = {{ECMA}},
title = {Standard {ECMA}-219: Authentication and Privilege Attribute Security Application with related Key Distribution Functions -Part 1, 2 and 3},
institution = {{ECMA}},
year = {1996},
number = {2},
address = {\htmladdnormallink{http://www.ecma.ch/ecma1/STAND/ecma-219.htm}{http://www.ecma.ch/ecma1/STAND/ecma-219.htm}},
month = {Mar}
}
@InProceedings{edjlali:1,
author = {Guy Edjlali and Anurag Acharya and Vipin Chaudhary},
title = {History-based Access Control for Mobile Code},
booktitle = {5th Conference on Computer and Communications Security, San Francisco, {CA}},
year = {1998},
address = {\htmladdnormallink{http://www.cs.ucsb.edu/$\sim$acha/publications/ccs98-submitted.html}{http://www.cs.ucsb.edu/~acha/publications/ccs98-submitted.html}},
month = {Nov},
organization = {{ACM}},
abstract = {In this paper, we present a history-based access-control mechanism
that is suitable for mediating accesses from mobile
code. The key idea behind history-based
access-control is to maintain a selective history of
the access requests made by individual programs and
to use this history to improve the differentiation
between safe and potentially dangerous
requests. What a program is allowed to do depends on
its own behavior and identity in addition to
currently used discriminators like the location it
was loaded from or the identity of its
author/provider. History-based access-control has
the potential to significantly expand the set of
programs that can be executed without compromising
security or ease of use. We describe the design and
implementation of Deeds, a history-based
access-control mechanism for Java. Access-control
policies for Deeds are written in Java, and can be
updated while the programs whose accesses are being
mediated are still executing. }
}
@TechReport{ellison:1,
author = {C. Ellison and G. Frantz and B. Lampson and R. Rivest and B. Thomas and T. Ylonen},
title = {{SPKI} Certificate Theory},
institution = {{IETF}},
year = {1999},
type = {Experimental {RFC}},
number = {2693},
address = {\htmladdnormallink{http://www.ietf.org/rfc/rfc2693.txt}{http://www.ietf.org/rfc/rfc2693.txt}},
month = {Sep},
note = {cited in \cite{abadi:4}}
}
@TechReport{ellison:2,
author = {Carl M. Ellison and Bill Frantz and Butler Lampson and Ron Rivest and Brian M. Thomas and Tatu Ylonen},
title = {Simple Public Key Certificate},
institution = {{IETF}},
year = {1999},
type = {draft},
number = {06},
address = {\htmladdnormallink{http://world.std.com/$\sim$cme/spki.txt}{http://world.std.com/~cme/spki.txt}},
month = {Jul},
note = {draft-ietf-spki-cert-structure-06.txt; gives examples of certificates that fit {RFC}2693 \cite{ellison:1}}
}
@TechReport{ellison:3,
author = {Carl M. Ellison and Bill Frantz and Butler Lampson and Ron Rivest and Brian M. Thomas and Tatu Ylonen},
title = {{SPKI} Examples},
institution = {{IETF}},
year = {1998},
type = {draft},
number = {01},
address = {\htmladdnormallink{http://world.std.com/$\sim$cme/examples.txt}{http://world.std.com/~cme/examples.txt}},
month = {Mar},
note = {draft-ietf-spki-cert-examples-01.txt; gives examples of certificates that fit {RFC}2693 \cite{ellison:1}}
}
@TechReport{ellison:4,
author = {C. Ellison},
title = {{SPKI} Requirements},
institution = {{IETF}},
year = {1999},
type = {Experimental {RFC}},
address = {\htmladdnormallink{http://www.ietf.org/rfc/rfc2692.txt}{http://www.ietf.org/rfc/rfc2692.txt}},
month = {Sep}
}
@TechReport{farrell:1,
author = {S. Farrell and R. Housley},
title = {An Internet Attribute Certificate Profile for Authorization},
institution = {{IETF} {PKIX} Working Group},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/pkix-charter.html}{http://www.ietf.org/html.charters/pkix-charter.html}},
month = {Aug},
note = {draft-ietf-pkix-ac509prof-05.txt}
}
@InProceedings{ferraiolo:1,
author = {Ferraiolo and Cugini and Kuhn},
title = {Role based Access Control: Features and Motivations},
booktitle = {Computer Security Applications Conference},
year = {1995},
address = {\htmladdnormallink{http://hissa.ncsl.nist.gov/rbac/newpaper/rbac.ps}{http://hissa.ncsl.nist.gov/rbac/newpaper/rbac.ps}},
organization = {{NIST}}
}
@InProceedings{ferraiolo:2,
author = {David F. Ferraiolo and Richard Kuhn},
title = {Role based Access Control},
booktitle = {15th National Computer Security Conference},
year = {1992},
address = {\htmladdnormallink{http://hissa.ncsl.nist.gov/rbac/paper/rbac1.ps}{http://hissa.ncsl.nist.gov/rbac/paper/rbac1.ps}},
organization = {{NIST}}
}
@TechReport{ferraiolo:3,
author = {David F. Ferraiolo and Ravi Sandhu and Serban Gavrila and D. Richard Kuhn and Ramaswamy Chandramouli},
title = {A Proposed Standard for Role-Based Access Control},
institution = {National Institute of Standards and Technology},
year = {2000},
address = {\htmladdnormallink{http://csrc.nist.gov/rbac/RBAC-std-draft.doc}{http://csrc.nist.gov/rbac/RBAC-std-draft.doc}},
month = {Dec}
}
@InProceedings{gheorghiu:1,
author = {G. Gheorghiu and T. Ryutov and B. C. Neuman},
title = {Authorization for Metacomputing Applications},
booktitle = {Proceedings of the 7th {IEEE} International Symposium on High Performance Distributed Computing, Chicago, Ill, July 28-31, 1998},
year = {1998},
address = {\htmladdnormallink{http://gost.isi.edu/$\sim$tryutov/gaa\_api} {http://gost.isi.edu/~tryutov/gaa\_api}},
month = {Jul},
organization = {{IEEE}},
note = {{GAA}-{API} work}
}
@InProceedings{giuri:1,
author = {Luigi Giuri},
title = {Role-Based Access Control in Java},
booktitle = {3rd {ACM} Workshop on Role-Based Access, Fairfax, {VA} 1998},
pages = {91-99},
year = {1998},
organization = {{ACM}}
}
@InProceedings{giuri:2,
author = {Luigi Giuri},
title = {Role Templates for Content-based Access Control},
booktitle = {2rd {ACM} Workshop on Role-Based Access, Fairfax, {VA} 11/6-7, 1997},
year = {1997},
OPTmonth = {Nov},
organization = {{ACM}}
}
@TechReport{goh:1,
author = {Cheh Goh},
title = {A Generic Approach to Policy Description in System Management},
institution = {{HP} Laboratories Bristol},
year = {1997},
number = {{HPL}-97-82},
address = {\htmladdnormallink{http://www.hpl.hp.com/techreports/97/HPL-97-82.pdf}{http://www.hpl.hp.com/techreports/97/HPL-97-82.pdf}},
month = {Jul}
}
@Book{gong:2,
author = {Li Gong},
title = {Inside Java$^TM$ 2 Platform Security: Architecture, API Design, and Implementation},
publisher = {Addison-Wesley},
year = {1999},
series = {The Java$^TM$ Series}
}
@InProceedings{hayton:1,
author = {R. J. Hayton and J. M. Bacon and K. Moody},
title = {Access control in an open distributed environment},
booktitle = {Proceedings of the 1998 {IEEE} Symposium on Security and Privacy, Los Alamitos, {CA}, {USA}},
pages = {3-14},
year = {1998},
organization = {{IEEE} Computer Society}
}
@InProceedings{herzberg:1,
author = {Amir Herzberg and Yosi Mass and Joris Mihaeli and Dalit Naor and Yiftach Ravid},
title = {Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers},
booktitle = {2000 {IEEE} Symposium on Security and Privacy},
key = {Authentication, key management, role based access control, trust management, logic programming, public key certificates, X.509},
year = {2000},
address = {\htmladdnormallink{http://www.hrl.il.ibm.com/TrustEstablishment/paper.asp}{http://www.hrl.il.ibm.com/TrustEstablishment/paper.asp}},
month = {May},
organization = {{IBM} Haifa Research Lab, Tel Aviv Site, E-Business and Security Group},
abstract = {The Internet enables connectivity between many strangers - entities that don't know each other. We present the Trust Policy Language ({TPL}), used to define the mapping of strangers to predefined business roles, based on certificates issued by third parties. {TPL} is expressive enough to allow complex policies, e.g. non-monotone (negative) certificates, while being simple enough to allow automated policy checking and processing. Issuers of certificates are either known in advance, or provide sufficient certificates to be considered a trusted authority according to the policy. This allows bottom-up, grass roots buildup of trust, as in the real world. We extend, rather than replace, existing role-based access control mechanisms. This provides a simple, modular architecture and easy migration from existing systems.},
note = {Has policy language, group membership certificates}
}
@Article{howell:1,
author = {Jon Howell and David Kotz},
title = {A Formal Semantics for {SPKI}},
journal = {{ESORICS} 2000},
year = {2000},
address = {\htmladdnormallink{ftp://ftp.cs.dartmouth.edu/TR/TR2000-363.ps.Z}{ftp://ftp.cs.dartmouth.edu/TR/TR2000-363.ps.Z}},
month = {Mar}
}
@InProceedings{howell:3,
author = {John Howell and David Kotz},
title = {End-to-end authorization},
booktitle = {{OSDI} 2000},
year = {2000},
address = {\htmladdnormallink{ftp://ftp.cs.dartmouth.edu/pub/kotz/papers/howell:end-to-end.ps.Z}{ftp://ftp.cs.dartmouth.edu/pub/kotz/papers/howell:end-to-end.ps.Z}}
}
@Manual{ibm:1,
title = {Resource Access Control Facility ({RACF})},
author = {{IBM}},
address = {\htmladdnormallink{http://www.s390.ibm.com/\-products/\-racf/\-racfhp.html}{http://www.s390.ibm.com/products/racf/racfhp.html}}
}
@Manual{intel:1,
title = {Common Data Security Architecture ({CDSA})},
author = {Intel},
address = {\htmladdnormallink{http://developer.intel.com/ial/security}{http://developer.intel.com/ial/security}}
}
@TechReport{itu:509,
author = {{ITU-T}},
title = {Draft Revised Recommendation X.509|{ISO/IEC} 9594-8: Information Technology - Open Systems Interconnection - The Directory: Public-Key and Attribute Certificate Frameworks},
institution = {{ITU-T}},
year = {2000},
number = {X.509},
address = {\htmladdnormallink{ftp://ftp.bull.com/pub/OSIdirectory/4thEditionTexts/X.509\_4thEditionDraftV8.pdf}{ftp://ftp.bull.com/pub/OSIdirectory/4thEditionTexts/X.509\_4thEditionDraftV8.pdf}},
month = {Sep},
annote = {Has two policy language examples, one of them boolean-based}
}
@InProceedings{jajodia:1,
author = {Sushil Jajodia and Pierangela Samarati and V. S. Subrahmanian},
title = {A Logical Language for Expressing Authorizations},
booktitle = {Proceedings of the {IEEE} Symposium on Security and Privacy ({SP}'97)},
year = {1997},
organization = {{IEEE}},
note = {Cited in \cite{damianou:1}. Language is {ASL}.}
}
@PhdThesis{jones:2,
author = {V. Jones},
title = {Access Control for Client-Server Object Databases},
school = {Department of Computer Science, University of Illinois},
year = {1996},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/vjones\_prelim.ps}{http://drl.cs.uiuc.edu/pubs/vjones\_prelim.ps}},
month = {Dec}
}
@InProceedings{jones:3,
author = {V. E. Jones and M. Winslett},
title = {{JaDE}: Access Control in a Java-Based Object Database},
booktitle = {Proceedings of {OOPSLA} '95 Workshop on Object Database Behavior, Benchmarks, and Performance, Austin, Texas},
year = {1995},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/oowkshop.ps}{http://drl.cs.uiuc.edu/pubs/oowkshop.ps}},
month = {Oct}
}
@InProceedings{kahan:2,
author = {Jose Kahan},
title = {A Distributed Authorization Model for {WWW}},
booktitle = {{INET} '95 Hypermedia Proceedings},
year = {1995},
address = {\htmladdnormallink{http://www.isoc.org/HMP/PAPER/107/abst.html}{http://www.isoc.org/HMP/PAPER/107/abst.html}},
organization = {{ISOC}},
note = {includes "coordinated authorization" as a special case of authorization closure, according to \cite{woo:3}}
}
@InProceedings{lai:1,
author = {Charlie Lai and Li Gong and Larry Koved and Anthony Nadalin and Roland Schemers},
title = {User Authentication and Authorization in the Java$^{TM}$ Platform},
booktitle = {Proceedings of the 15th Annual Computer Security Applications Conference, Phoenix, AZ},
year = {1999},
address = {\htmladdnormallink{http://java.sun.com/security/jaas/doc/acsac.ps}{http://java.sun.com/security/jaas/doc/acsac.ps}},
month = {Dec}
}
@Article{lawrence:1,
author = {L. G. Lawrence},
title = {The Role of Roles},
journal = {Computers and Security},
year = {1993},
volume = {12},
number = {1},
pages = {15-21}
}
@Book{levy:1,
author = {H. M. Levy},
title = {Capability-Based Computer Systems},
publisher = {Digital Press},
year = {1984},
note = {Cited in \cite{woo:3}}
}
@Article{li:2,
author = {Ninghui Li and Joan Feigenbaum and Benjamin N. Grosof},
title = {A Logic-based Knowledge Representation for Authorization with Delegation},
journal = {Journal of Computer Security},
year = {?},
address = {\htmladdnormallink{http://computer.org/proceedings/csfw/0201/02010162abs.htm}{http://computer.org/proceedings/csfw/0201/02010162abs.htm}},
abstract = {We introduce Delegation Logic ({DL}), a logic-based knowledge
representation (i.e., language) that deals with authorization
in large-scale, open, distributed systems. Of central
importance in any system for deciding whether requests should
be authorized in such a system are delegation of authority,
negation of authority, and conflicts between authorities. {DL}'s
approach to these issues and to the interplay among them
borrows from previous work on delegation and trust management
in the computer-security literature and previous work on
negation and conflict handling in the logic-programming and
non-monotonic reasoning literature, but it departs from
previous work in some crucial ways. In this introductory paper,
we present the syntax and semantics of {DL} and explain our novel
design choices. This first paper focuses on delegation,
including explicit treatment of delegation depth and delegation
to complex principals; a forthcoming companion paper focuses on
negation.
Compared to previous logic-based approaches to authorization,
{DL} provides a novel combination of features: it is based on
logic programs, expresses delegation depth explicitly, and
supports a wide variety of complex principals (including but
not limited to k-out-of-n thresholds). Compared to previous
approaches to trust management, {DL} provides another novel
feature: a concept of proof-of-compliance that is not entirely
ad-hoc and that is based on model-theoretic semantics (just as
usual logic programs have a model-theoretic semantics). {DL}'s
approach is also novel in that it combines the above features
with smooth extensibility to non-monotonicity, negation, and
prioritized conflict handling. This extensibility is
accomplished by building on the well-understood foundation of
{DL}'s logic-program knowledge representation.}
}
@InProceedings{lobo:1,
author = {J. Lobo and R. Bhatia and S. Naqvi},
title = {A Policy Description Language},
booktitle = {Proceedings of the 16th National Conference on Artificial Intelligence {AAAI}, Orlando, Florida, {USA}},
pages = {291-298},
year = {1999},
address = {\htmladdnormallink{http://www.bell-labs.com/user/jlobo1/jorge\_details.html}{http://www.bell-labs.com/user/jlobo1/jorge\_details.html}},
month = {Jul},
organization = {{AAAI}},
note = {Cited in \cite{damianou:1}. Describes {PDL}. Work out of Bell-Labs. See also \cite{virmani:1}.}
}
@InProceedings{lupu:1,
author = {E. Lupu and M. Sloman and N. Dulay and N. Damianou},
title = {Ponder: Realising Enterprise Viewpoint Concepts},
booktitle = {Proceedings of the 4th International Enterprise Distributed Object Computing Conference ({EDOC}2000), Makuhari, Japan},
pages = {66-75},
year = {2000},
address = {\htmladdnormallink{http://www.doc.ic.ac.uk/$\sim$mss/Papers/EDOC-PonderV6.pdf}{http://www.doc.ic.ac.uk/~mss/Papers/EDOC-PonderV6.pdf}},
month = {Sep}
}
@Article{mizuno:1,
author = {M. Mizuno and Arthur E. Oldehoeft},
title = {An Access Control Language for Object-Oriented Programming Systems},
journal = {Journal of Systems and Software},
year = {1990},
volume = {13},
pages = {3-12},
note = {not on the web, as far as I can tell}
}
@TechReport{moore:1,
author = {B. Moore and E. Ellesson and J. Strassner and A. Westerinen},
title = {Policy Core Information Model -- Version 1 Specification},
institution = {{IETF} Policy Framework Working Group},
year = {2001},
type = {RFC},
number = {3060},
address = {\htmladdnormallink{ftp://ftp.isi.edu/in-notes/rfc3060.txt}{ftp://ftp.isi.edu/in-notes/rfc3060.txt}},
month = {Feb}
}
@InProceedings{nagaratnam:3,
author = {Nataraj Nagaratnam and Steven B. Byrne},
title = {Resource Access Control for an Internet User Agent},
booktitle = {Proceedings of the {USENIX} Conference on Object Oriented Technologies and Systems},
address = {\htmladdnormallink{http://www.usenix.org/publications/library/proceedings/coots97/nagaratnam.html}{http://www.usenix.org/publications/library/proceedings/coots97/nagaratnam.html}},
year = {1997},
month = {Jun}
}
@InProceedings{nikander:1,
author = {Pekka Nikander and Jonna Partanen},
title = {Distributed Policy Management for {JDK} 1.2},
booktitle = {Proceedings of the 1999 Network and Distributed System Security Symposium},
year = {1999},
address = {\htmladdnormallink{http://www.isoc.org/isoc/conferences/ndss/99/proceedings/papers/nikander.pdf}{http://www.isoc.org/isoc/conferences/ndss/99/proceedings/papers/nikander.pdf}},
month = {Feb},
note = {Uses SPKI certificates; see \cite{partanen:1}}
}
@TechReport{nist:1,
author = {{NIST}},
title = {An Introduction to Role-Based Access Control},
institution = {{NIST}},
year = {1995},
number = {cs195-12},
address = {\htmladdnormallink{http://csrc.ncsl.nist.gov/nistbul/csl95-12.txt}{http://csrc.ncsl.nist.gov/nistbul/csl95-12.txt}},
month = {Dec}
}
@TechReport{nist:2,
author = {{NIST}},
title = {Role Based Access Control},
institution = {{NIST}},
year = {2000},
address = {\htmladdnormallink{http://hissa.ncsl.nist.gov/rbac/}{http://hissa.ncsl.nist.gov/rbac/}},
note = {Has links to numerous {RBAC} papers}
}
@Book{oaks:1,
author = {Scott Oaks},
title = {Java Security},
publisher = {{O'Reilly}},
year = {1998},
series = {JAVA Series},
month = {May}
}
@InProceedings{ortalo:1,
author = {Rodolphe Ortalo},
title = {A Flexible Method for Information System Security Policy Specification},
booktitle = {Proceedings of 5th European Symposium on Research in Computer Security ({ESORICS} 98), Louvain-la-Neuve, Belgium},
pages = {67-84},
year = {1998},
editor = {Jean-Jacques Quisquater and Yves Deswarte and Catherine Meadows and Dieter Gollmann},
number = {1485},
series = {Lecture Notes in Computer Science},
month = {Sep},
publisher = {Springer-Verlag},
note = {This paper presents a method for the specification of the security of information systems. The proposed
approach provides a flexible and expressive specification method, corresponding to the specific needs of organizations.
First, we outline the overall guidelines of the security policy definition process, and the different consistency issues
associated to the description of the security requirements of an organization information system. The specification
language used is based on a convenient extension of deontic logic. The formalism and its extensions are then defined
briefly. To illustrate the use of this formalism, the paper presents how the method applies to the description of the
security requirements of a real organization: a medium-size bank agency. Cited in \cite{damianou:1}.}
}
@TechReport{ortalo:2,
author = {Rodolphe Ortalo},
title = {Using deontic logic for security policy specification},
institution = {LAAS},
year = {1996},
type = {Rapport LAAS},
number = {96380},
address = {\htmladdnormallink{http://www.laas.fr:8889/ows-bin/publis.rech\_doc?language=ENG\&clef=15965}{http://www.laas.fr:8889/ows-bin/publis.rech\_doc?language=ENG\&clef=15965}},
month = {Oct},
note = {This paper analyses the problem of specifying a security policy for organizations. First, various
issues related to the problem of an adequate and rigorous specification of a security policy are
outlined in a context where security requirements usually remain informal and are difficult to
satisfy. Then, it is proposed to use a logical language, previously studied in the literature, that seems
to exhibit the adaptability needed for such tasks. The definition of this formalism is provided. We
focus on the problem of its practical use and propose a graphical approach supported by a tool. A
security policy specification example is presented to illustrate this approach.}
}
@TechReport{parker:1,
author = {T. Parker and D. Pinkas},
title = {Sesame V4 - Overview},
institution = {{SESAME}},
year = {1995},
number = {Issue 1},
address = {\htmladdnormallink{http://www.isrc.qut.edu.au/sesame/doc-txt/overview.txt}{http://www.isrc.qut.edu.au/sesame/doc-txt/overview.txt}},
month = {Dec},
note = {cited in \cite{ashley:1}}
}
@TechReport{parker:2,
author = {Tom Parker and Denis Pinkas},
title = {Extended Generic Security Service {API}s: {XGSS}-{API}s Access control and delegation extensions},
institution = {{IETF} {CAT} {WG}},
year = {1998},
type = {draft},
address = {\htmladdnormallink{http://www.alternic.org/drafts/drafts-i-j/draft-ietf-cat-xgssapi-acc-cntrl-03.html}{http://www.alternic.org/drafts/drafts-i-j/draft-ietf-cat-xgssapi-acc-cntrl-03.html}},
month = {Nov}
}
@InProceedings{partanen:1,
author = {Jonna Partanen and Pekka Nikander},
title = {Adding {SPKI} Certificates to {JDK} 1.2},
booktitle = {Proceedings of the Nordsec'98, the Third Nordic Workshop on Secure {IT} Systems, November 5th-6th, 1998, Trondheim, Norway},
year = {1998},
address = {\htmladdnormallink{http://www.tml.hut.fi/Research/TeSSA/Papers/Partanen-Nikander/partanen-nikander-nordsec-98-final.pdf}{http://www.tml.hut.fi/Research/TeSSA/Papers/Partanen-Nikander/partanen-nikander-nordsec-98-final.pdf}},
month = {Nov},
note = {See also \cite{nikander:1}}
}
@InProceedings{nikander:3,
author = {Pekka Nikander and Lea Viljanen},
title = {Storing and Retrieving Internet Certificates},
booktitle = {Proceedings of the 3rd Nordic Workshop on Secure Computer Systems, Trondheim, Norway},
year = {1998},
address = {\htmladdnormallink{http://www.nixu.fi/publications.html}{http://www.nixu.fi/publications.html}},
month = {Nov},
note = {Uses DNS to store SPKI certificates}
}
@InProceedings{pinkas:1,
author = {D. Pinkas},
title = {An Access Control Model for Distributed Systems Based on the Use of Trusted Authorities},
booktitle = {Proceedings of the 7th World-Wide Congress on Computer and Communications Security and Protection ({SECURICOM})},
pages = {257-270},
year = {1989},
note = {cited in \cite{ashley:1}}
}
@TechReport{posix:2,
author = {{POSIX}},
title = {Information Technology - Portable Operating System Interface ({POSIX}) - Part 1: System Application Program
Interface ({API}) [C Language]},
institution = {{IEEE}},
year = {1990},
number = {1003.1-1990},
note = {Includes specification of {POSIX} access control lists}
}
@TechReport{posix:4,
author = {{POSIX}},
title = {{IEEE} Standard for Information Technology-Portable Operating
System Interfaces ({POSIX})-Part 2: Shell and Utilities},
institution = {{IEEE}},
year = {1992},
number = {1003.2-1992},
note = {Includes specification of {POSIX} access control lists}
}
@Unpublished{reeder:1,
author = {David Reeder},
title = {Keynote Tutorial},
note = {Posted to keynote-users mailing list},
month = {Jun},
year = {1999}
}
@InProceedings{ribeiro:1,
author = {Carlos N. Ribeiro and Paulo Guedes},
title = {Verifying Workflow Processes against Organization Security Policies},
booktitle = {Proceedings of the 8th {IEEE} International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}},
year = {1999},
month = {Jun},
organization = {{IEEE} Computer Society}
}
@TechReport{ribeiro:2,
author = {Carlos N. Ribeiro and Paulo Guedes},
title = {{SPL}: An access control language for security policies with complex constraints},
institution = {{INESC}},
year = {1999},
number = {{RT}/001/99},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}}
}
@TechReport{ribeiro:3,
author = {Carlos N. Ribeiro and Andre Zuguete and Paulo Ferreira and Paulo Guedes},
title = {{SPL}: An access control language for security policies with complex constraints},
institution = {{INESC}},
year = {2000},
number = {{RT}/00/00},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}}
}
@TechReport{ribeiro:4,
author = {Carlos N. Ribeiro and Andre Zuguete and Paulo Ferreira and Paulo Guedes},
title = {Enforcing Obligation with Security Monitors},
institution = {{INESC}},
year = {2000},
number = {{RT}/00/00},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}}
}
@TechReport{ribeiro:5,
author = {Carlos N. Ribeiro and Andre Zuguete and Paulo Ferreira and Paulo Guedes},
title = {Security Policy Consistency},
institution = {{INESC}},
year = {2000},
number = {{RT}/00/00},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}}
}
@TechReport{ribeiro:6,
author = {Carlos N. Ribeiro and Paulo Guedes},
title = {Verifying Workflow Processes against Organization Security Policies},
institution = {{INESC}},
year = {1999},
number = {{RT}/002/99},
address = {\htmladdnormallink{http://www.gsd.inesc.pt/$\sim$cnr/pubs.htm}{http://www.gsd.inesc.pt/~cnr/pubs.htm}}
}
@TechReport{rivest:1,
author = {Ronald L. Rivest and Butler Lampson},
title = {{SDSI} - A Simple Distributed Security Infrastructure},
institution = {{MIT} Laboratory for Computer Science},
year = {1996},
address = {\htmladdnormallink{http://theory.lcs.mit.edu/$\sim$cis/sdsi.html}{http://theory.lcs.mit.edu/~cis/sdsi.html}},
month = {Apr},
note = {cited in \cite{abadi:4}}
}
@TechReport{ryutov:1,
author = {Tatyana Ryutov and Clifford Neuman},
title = {Access Control Framework for Distributed Applications},
institution = {{IETF} {CAT} Working Group},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/cat-charter.html}{http://www.ietf.org/html.charters/cat-charter.html}},
month = {Jul},
note = {{draft-ietf-cat-acc-cntrl-frmw-04.txt}{GAA-API}}
}
@TechReport{ryutov:2,
author = {Tatyana Ryutov and Clifford Neuman},
title = {Access Control Framework for Distributed Applications},
institution = {{IETF} {CAT} Working Group},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/cat-charter.html}{http://www.ietf.org/html.charters/cat-charter.html}},
month = {Jul},
note = {draft-ietf-cat-gaa-cbind-04.txt}
}
@Article{ryutov:3,
author = {Tatyana Ryutov and Clifford Neuman},
title = {An Authorization Framework for Metacomputing Applications},
journal = {Cluster Computing},
year = {1999},
volume = {2},
pages = {165-175},
address = {\htmladdnormallink{http://www.isi.edu/gost/info/gaa\_api.html}{http://www.isi.edu/gost/info/gaa\_api.html}},
note = {{GAA}-{API} work}
}
@InProceedings{ryutov:4,
author = {Tatyana Ryutov and Clifford Neuman},
title = {Representation and Evaluation of Security Policies for Distributed System Services},
booktitle = {Proceedings of the {DARPA} Information Survivability Conference \& Exposition, Hilton Head, South Carolina},
year = {2000},
address = {\htmladdnormallink{http://www.isi.edu/gost/info/gaa\_api.html}{http://www.isi.edu/gost/info/gaa\_api.html}},
month = {Jan},
note = {{GAA}-{API} work}
}
@Article{samarati:1,
author = {P. Samarati and E. Bertino and S. Jajodia},
title = {An authorization model for a distributed hypertext system},
journal = {{IEEE} Transactions on Knowledge and Data Engineering},
year = {1996},
volume = {8},
number = {4},
pages = {555-562},
month = {August}
}
@TechReport{sanchez:1,
author = {L. A. Sanchez and M. N. Condell},
title = {Security Policy Protocol},
institution = {{IETF} {IP} Security Policy Working Group},
year = {2000},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/ipsp-charter.html}{http://www.ietf.org/html.charters/ipsp-charter.html}},
month = {Jul},
note = {draft-ietf-ipsp-spp-00.txt}
}
@TechReport{sanchez:2,
author = {L. A. Sanchez and H. Orman},
title = {A Roadmap for {IP}sec Policy Management},
institution = {{IETF} {IP} Security Policy Working Group},
year = {2000},
type = {Internet Draft},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/ipsp-charter.html}{http://www.ietf.org/html.charters/ipsp-charter.html}},
month = {Nov},
note = {draft-ietf-ipsp-roadmap-01.txt}
}
@InProceedings{sandhu:1,
author = {R. S. Sandhu and E. J. Coyne and H. L. Feinstein and C. E. Youman},
title = {Role-based access control: A multi-dimensional view},
booktitle = {Proceedings of the 10th Annual Computer Security Applications Conference},
pages = {54-62},
year = {1994},
month = {December}
}
@Article{sandhu:2,
author = {R. Sandhu and et~al},
title = {Role-Based Access Control Models},
journal = {{IEEE} Computer},
year = {1996},
address = {\htmladdnormallink{http://www.computer.org/computer/co1996/r2toc.htm}{http://www.computer.org/computer/co1996/r2toc.htm}},
volume = {29},
number = {2},
month = {Feb},
note = {cited in \cite{jajodia:1}}
}
@Article{sandhu:3,
author = {R. Sandhu and P. Samarati},
title = {Access Control: Principles and Practice},
journal = {{IEEE} Computer},
year = {1994},
pages = {40-48},
month = {Sep}
}
@InProceedings{sandhu:4,
author = {Ravi S. Sandhu},
title = {A Lattice Interpretation of the Chinese Wall Policy},
booktitle = {Proceedings of the 15th {NIST}-{NCSC} National Computer Security Conference, Baltimore, {MD}},
pages = {221-235},
year = {1992},
month = {Oct},
organization = {{NIST}-{NCSC}}
}
@Article{schneider:1,
author = {Fred B. Schneider},
title = {Enforceable Security Policies},
journal = {{ACM} Transactions on Information and System Security},
year = {2000},
volume = {3},
number = {1},
month = {Feb},
address = {\htmladdnormallink{http://www.acm.org/pubs/tissec/contents/v3no1.html}{http://www.acm.org/pubs/tissec/contents/v3no1.html}},
note = {Also found at http://www.cis.upenn.edu/~lee/cis642/99cis642/sp.ps}
}
@InProceedings{seamons:1,
author = {Kent E. Seamons and William Winsborough and Marianne Winslett},
title = {Internet Credential Acceptance Policies},
booktitle = {Proceedings of the Workshop on Logic Programming for Internet Applications, Leuven, Belgium},
institution = {{IBM} Transarc},
address = {\htmladdnormallink{http://www.transarc.ibm.com/$\sim$winsboro/papers/CAP.html}{http://www.transarc.ibm.com/~winsboro/papers/CAP.html}},
month = {Jul},
year = {1997},
abstract = {Servers often need a basis for establishing some degree of trust in their clients. This problem is particularly interesting for services that do not have a prior relationship with their clients. Credentials can be used to demonstrate properties of the credential bearer possibly including, but not limited to, the owner's identity. Digital credentials are well-suited for use by any service provider that needs to grant different authorization for and views of services to different clients, based on client properties. This paper presents a programming methodology for writing credential acceptance policies and authentication logic that can be used for credential management on the internet.}
}
@InProceedings{seamons:2,
author = {Kent E. Seamons and Marianne Winslett and Ting Yu},
title = {Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation},
booktitle = {Symposium on Network and Distributed System Security, San Diego},
year = {2001},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/seamons-policy.pdf}{http://drl.cs.uiuc.edu/pubs/seamons-policy.pdf}},
month = {Feb}
}
@Misc{sesame:1,
Author = {{SESAME}},
organization = {{SESAME}},
title = {A Secure European System for Applications in a Multi-vendor Environment Home Page},
howpublished = {{WWW}},
address = {\htmladdnormallink{https://www.cosic.esat.kuleuven.ac.be/sesame/}{https://www.cosic.esat.kuleuven.ac.be/sesame/}}
}
@Manual{sesame:2,
title = {{SESAME} Technology Version 4 Administrator's Guide},
author = {{SESAME}},
organization = {{SESAME}},
address = {\htmladdnormallink{http://www.isrc.qut.edu.au/sesame/doc-txt/admin.txt}{http://www.isrc.qut.edu.au/sesame/doc-txt/admin.txt}},
month = {Dec},
year = {1995},
note = {60 pages long}
}
@TechReport{shirey:1,
author = {R. Shirey},
title = {Internet Security Glossary},
institution = {{IETF}},
year = {2000},
type = {Informational RFC},
number = {2828; FYI 36},
address = {\htmladdnormallink{ftp://ftp.isi.edu/in-notes/rfc2828.txt}{ftp://ftp.isi.edu/in-notes/rfc2828.txt}},
month = {May},
note = {Defines over 1000 security terms, including those used in
IETF RFCs. Internally consistent, complementary
terms and definitions are recommended.}
}
@TechReport{sloman:1,
author = {Morris Sloman and Emil Lupu and Nicodemos Damianou and Narankar Dulay},
title = {Ponder A Language for Specifying Management and Security Policies},
institution = {Dept. of Computing, Imperial College, London},
year = {2000?},
address = {\htmladdnormallink{http://www-dse.doc.ic.ac.uk/Research/policies/files/PonderPresentation.pdf}{http://www-dse.doc.ic.ac.uk/Research/policies/files/PonderPresentation.pdf}},
note = {slides}
}
@TechReport{stokes:1,
author = {E. Stokes and R. Byrne and B. Blakley and P. Behera},
title = {Access Control Requirements for {LDAP}},
institution = {{IETF}},
year = {1999},
type = {Informational {RFC}},
number = {2820},
address = {\htmladdnormallink{http://www.faqs.org/rfcs/rfc2820.html}{http://www.faqs.org/rfcs/rfc2820.html}}
}
@TechReport{stokes:2,
author = {E. Stokes and B. Blakley and D. Rinkevich and R. Byrne},
title = {Access Control Model for {LDAP}v3},
institution = {{IETF}},
year = {2000},
type = {Standards Track draft},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/ldapext-charter.html}{http://www.ietf.org/html.charters/ldapext-charter.html}},
month = {July},
note = {draft-ietf-ldapext-acl-model-06.txt}
}
@Manual{sun:1,
title = {Java Management Extensions Instrumentation and Agent Specification},
key = {Sun},
author = {{Sun Microsystems, Inc.}},
organization = {Sun Microsystems, Inc.},
address = {\htmladdnormallink{http://java.sun.com/aboutJava/communityprocess/first/jsr003/jmx\_instr\_agent.pdf}{ http://java.sun.com/aboutJava/communityprocess/first/jsr003/jmx\_instr\_agent.pdf}},
edition = {v1.0},
month = {Jul},
year = {2000},
note = {referenced in \cite{damianou:1} as the infrastructure needed to implement policy-based management solutions}
}
@TechReport{taal:1,
author = {A. Taal and G. Sliepen and D. Spence},
title = {Policies in a Generic {AAA} Environment},
institution = {{IETF}},
year = {2000},
type = {Internet Draft},
address = {\htmladdnormallink{http://www.ietf.org/internet-drafts/draft-taal-aaaarch-generic-pol-00.txt}{http://www.ietf.org/internet-drafts/draft-taal-aaaarch-generic-pol-00.txt}},
month = {Nov},
note = {draft-taal-aaaarch-generic-pol-00.txt}
}
@TechReport{thompson:1,
author = {Mary Thompson and William Johnston and Srilekha Mudumbai and Gary Hoo and Keith Jackson and Abdelilah Essiari},
title = {Certificate-based Access Control for Widely Distributed Resources},
institution = {Information and Computing Sciences Division, Lawrence Berkeley National Laboratory},
year = {?},
number = {{LBNL}-42928},
address = {\htmladdnormallink{http://george.lbl.gov/security/Akenti/Papers/UsenixSec.html}{http://george.lbl.gov/security/Akenti/Papers/UsenixSec.html}},
note = {compares their work to both {SPKI} and KeyNote}
}
@TechReport{thompson:2,
author = {Mary R Thompson},
title = {Akenti Policy Language},
institution = {Information and Computing Sciences Division, Lawrence Berkeley National Laboratory},
year = {2001},
address = {\htmladdnormallink{http://www-itg.lbl.gov/security/Akenti/Papers/PolicyLanguage.pdf}{http://www-itg.lbl.gov/security/Akenti/Papers/PolicyLanguage.pdf}},
month = {Jul}
}
@TechReport{tripunitara:1,
author = {Mahesh V. Tripunitara and Gene Spafford},
title = {Security Policy Communication in a Distributed Network Element},
institution = {{CERIAS}, Purdue University},
year = {1999},
number = {{CERIAS} {TR}-99/01},
note = {A version appears in Proceedings of the International Conference on Advanced Communication Technology ({ICACT}'99)}
}
@TechReport{tuwg:1,
author = {{Trusted {UNIX} Working Group}},
title = {Rationale for selecting access control list features for the {UNIX} system},
institution = {Trusted {UNIX} Working Group ({TRUSIX}), National Computer Security Center ({NCSC})},
year = {1989},
number = {{NCSC}-{TG}-020-A},
address = {\htmladdnormallink{http://www.fas.org/irp/nsa/rainbow/tg020-a.htm}{http://www.fas.org/irp/nsa/rainbow/tg020-a.htm}},
month = {Aug}
}
@Manual{uml:1,
title = {Object Constraint Language Specification},
author = {{UML}},
organization = {Unified Modeling Language},
address = {\htmladdnormallink{http://www.rational.com/media/uml/resources/media/ad970808\_UML11\_OCL.pdf}{http://www.rational.com/media/uml/resources/media/ad970808\_UML11\_OCL.pdf}},
edition = {Version 1.1},
month = {Sep},
year = {1997},
note = {Used in Ponder \cite{damianou:1} as language for specifying policy constraints. Used in \cite{chen:1}.}
}
@InProceedings{virmani:1,
author = {A. Virmani and J. Lobo and M. Kohli},
title = {Netmon: Network Management for the {SARAS} Softswitch},
booktitle = {{IEEE}/{IFIP} Network Operations and Management Symposium ({NOMS}2000), Hawaii},
pages = {803-816},
year = {2000},
editor = {J. Hong and R. Weihmayer},
address = {\htmladdnormallink{http://www.bell-labs.com/user/jlobo1/jorge\_details.html}{http://www.bell-labs.com/user/jlobo1/jorge\_details.html}},
month = {May},
organization = {{IEEE}/{IFIP}},
note = {Cited in \cite{damianou:1}. Work done at Bell-Labs. Describes {PDL}. See also \cite{lobo:1}.}
}
@TechReport{westerinen:1,
author = {A. Westerinen et al},
title = {Policy Terminology},
institution = {{IETF} Policy Framework Working Group},
year = {2001},
type = {Internet Draft},
address = {\htmladdnormallink{http://www.ietf.org/html.charters/policy-charter.html}{http://www.ietf.org/html.charters/policy-charter.html}},
month = {Apr},
note = {draft-ietf-policy-terminology-03.txt}
}
@Book{widom:1,
author = {Jennifer Widom and Stefano Ceri},
title = {Active Database Systems},
publisher = {Morgan Kaufmann Publishers},
year = {1996},
note = {cited in \cite{didriksen:1} as exposition of <event, condition, action> model for specifying database rules}
}
@TechReport{wijnen:1,
author = {B. Wijnen and R. Presuhn and K. McCloghrie},
title = {View-based Access Control Model ({VACM}) for the Simple Network Management Protocol ({SNMP})},
institution = {{IETF}},
year = {1999},
type = {{RFC}},
number = {2575},
address = {\htmladdnormallink{http://www.faqs.org/rfcs/rfc2575.html}{http://www.faqs.org/rfcs/rfc2575.html}},
month = {April}
}
@Unpublished{winsborough:1,
author = {W. Winsborough and K. Seamons and V. Jones},
title = {Automated Trust Negotiation},
address = {\htmladdnormallink{http://www.csc.ncsu.edu/faculty/vej/atn.ps}{http://www.csc.ncsu.edu/faculty/vej/atn.ps}},
month = {Apr},
year = {2000},
note = {{submitted for journal publication}{Looks almost identical to \cite{winsborough:3}, but seems a little more complete}}
}
@InProceedings{winsborough:2,
author = {W. H. Winsborough and K. E. Seamons and V. E. Jones},
title = {Negotiating Disclosure of Sensitive Credentials},
booktitle = {Second Conference on Security in Communication Networks},
year = {1999},
address = {\htmladdnormallink{http://www.transarc.com/$\sim$trg/TrustManagement/docs/TrustNegotiationFramework.pdf}{http://www.transarc.com/~trg/TrustManagement/docs/TrustNegotiationFramework.pdf}},
month = {Sep}
}
@InProceedings{winsborough:3,
author = {W. H. Winsborough and K. E. Seamons and V. E. Jones},
title = {Automated Trust Negotiation},
booktitle = {{DARPA} Information Survivability Conference and Exposition},
year = {2000},
address = {\htmladdnormallink{http://www.transarc.com/$\sim$trg/TrustManagement/docs/DISCEX2000.pdf}{http://www.transarc.com/~trg/TrustManagement/docs/DISCEX2000.pdf}},
month = {Jan},
note = {Almost identical to \cite{winsborough:1}, but not quite as complete}
}
@Article{winslett:1,
author = {M. Winslett and N. Ching and V. Jones and I. Slepchin},
title = {Using Digital Credentials on the World-Wide Web},
journal = {Journal of Computer Security},
year = {1997},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/jcs97.ps}{http://drl.cs.uiuc.edu/pubs/jcs97.ps}}
}
@Article{woo:1,
author = {T. Y. C. Woo and S. S. Lam},
title = {Authorization in distributed systems: a new approach},
journal = {Journal of Computer Security},
year = {1993},
volume = {2},
number = {2-3},
pages = {107-136},
note = {cited in \cite{jajodia:1}},
address = {\htmladdnormallink{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}}
}
@InProceedings{woo:3,
author = {T. Y. C. Woo and S. S. Lam},
title = {Designing a distributed authorization service},
booktitle = {Proceedings {IEEE} {INFOCOM} '98, San Francisco, March 1998},
address = {\htmladdnormallink{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}},
year = {1998},
month = {Mar},
abstract = {Thomas Woo and Simon Lam, at {UT} Austin, have published several
papers from 1992-1998 on authorization in distributed systems,
based on a formal model described in {\cite{woo:5}}. This paper
({\cite{woo:3}}) is intended to be a practical implementation of
the model.
There are two distinct ideas in the paper:
1) A procedural language, generalized access control list
({GACL}), that extends ordinary {ACL}s with inheritance, defaults,
negative authorizations, and well-defined semantics. Various
restrictions on the grammar are specified to make evaluation
of {GACL}s simpler and more efficient.
2) Offloading authorization from an end server that controls the
resource being accessed to an authorization server. The
authorization server is similar in concept to various
Kerberos extensions ({\cite{neuman:1}}, {OSF} {DCE}, {SESAME}) for
authorization (i.e. proxy).
Other topics of interest:
a) Incomplete authorization results, allowing for iteration after
supplying more credentials.
b) A form of anonymous authorization, where the end server does
not know the identity of the client. The authorization
server, however, does know the identity.}
}
@InProceedings{woo:4,
author = {Thomas Y. C. Woo and Simon S. Lam},
title = {A framework for distributed authorization},
booktitle = {Proceedings {ACM} Conference on Computer and Communications Security, Fairfax, {VA}},
address = {\htmladdnormallink{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}},
year = {1993},
month = {Nov}
}
@InProceedings{woo:5,
author = {Thomas Y. C. Woo and Simon S. Lam},
title = {Authorization in Distributed Systems: a Formal Approach},
booktitle = {{IEEE} Symposium on Research in Security and Privacy, Oakland},
address = {\htmladdnormallink{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}{http://www.cs.utexas.edu/users/lam/NRL/network\_security.html}},
year = {1992},
month = {May}
}
@TechReport{wulf:1,
author = {William A. Wulf and Chenxi Wang and Darrell Kienzle},
title = {A new model of security for distributed systems},
institution = {University of Virginia},
year = {1995},
address = {\htmladdnormallink{http://legion.virginia.edu/papers/CS-95-34.ps}{http://legion.virginia.edu/papers/CS-95-34.ps}},
month = {Aug},
abstract = {{We argue that a new model is needed that shifts the emphasis from "system as enforcer" to user-definable policies in which the cost scales with the degree of security required. Part of the "Legion" project.}{A presentation says "security restricted to Mayl function - policies are easily replaced and verified using a simple access control language.}}
}
@InProceedings{yialelis:1,
author = {N. Yialelis and M. Sloman},
title = {A Security Framework Supporting Domain-Based Access Control in Distributed Systems},
booktitle = {Proceedings of Symposium on Network and Distributed Systems Security},
year = {1996},
address = {\htmladdnormallink{http://info.isoc.org/conferences/ndss96/sndss96.htm}{http://info.isoc.org/conferences/ndss96/sndss96.htm}},
organization = {{IEEE}}
}
@inproceedings{yu:1,
author = {T. Yu and X. Ma and M. Winslett},
title = {{PRUNES}: An Efficient and Complete Strategy for Trust Negotiation over the Internet},
booktitle = {{ACM} Conference on Computer and Communications Security, Athens},
year = {2000},
address = {\htmladdnormallink{http://drl.cs.uiuc.edu/pubs/ccs2000.ps}{http://drl.cs.uiuc.edu/pubs/ccs2000.ps}},
month = {Nov},
organization = {{ACM}}
}
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC