OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xacml] Background

Tim,

here are two more references on research related to the multi-policy
or policy combination aspect:

@InProceedings{Hosmer1993,
   author =       {Hilary H. Hosmer},
   title =        {The Multipolicy Paradigm for Trusted Systems},
   booktitle =    {Proc. ACM New Security Paradigms Workshop},
   key =          {security, policies, metapolicies},
   pages =        {19--32},
   year =         {1993},
   comment =      {an earlier paper identifying general issues}
}

@Article{Lupu1999,
   author =       {Emil C. Lupu and Morris Sloman},
   title =        {Conflicts in Policy--Based Distributed Systems
                   Management},
   journal =      {IEEE Transactions on Software Engineering},
   year =         {1999},
   volume =       {25},
   number =       {6},
   pages =        {852--896},
   usr =          {http://www.doc.ic.ac.uk/~ecl1/papers/tse.pdf}
   comment =      {identifies classes of conflicts between policies}
}

My own impression is that policy combination is largely a
theoretical issue in the research arena, but I might have
missed something here. (Pierangela, Polar?)

I don't know how far we would want to go back in the general
history of access control. If this is supposed to be a more
general survey, I would add a few seminal papers going
back into the '70s (Lampson, HRU, Multics, Abadi/Lampson
delegation logic, etc.). Mind you, these were written even
prior to the Orange Book ;-)

Not sure this is necessary here, though.

Kind regards, Gerald.



> 1.2. References
> 1. Perritt;  Knowbots, Headers & Contract Law; 1993.
> 2. Orange book
> 3. Trusted Network Interpretation
> 4. X.500 filter
> 5. J Moffett and M Sloman. Policy hierarchies for distributed system 
> management.  IEEE Journal on Selected areas in communications, pages 
> 1404-1414, December 1993.  Special Issue on network management.
> 
> 6. R Sandhu, E Coyne, H Feinstein and C Youman.  Role-based access 
> control models.  IEEE Computer, 9(2); 38-47, 1996.

> 7. S Jajodia, P Samarati, V S Subrahmanian and E Bertino.  A unified 
> framework for enforcing multiple access control policies.  Proceedings 
> of ACM SIGMOD, 1997
> 
> 8. N Minsky, V Ungureanu. Unified support for heterogeneous distributed 
> systems.  7th USENIX security symposium, San Antonio, Texas, January, 1998..



-- 
Dr. Gerald Brose, Software Architect    mailto:brose@xtradyne.com
Xtradyne Technologies                     http://www.xtradyne.com
Schoenhauser Allee 6-7,                  Phone: +49-30-440 306-27
D-10119 Berlin, Germany                  Fax  : +49-30-440 306-78

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC