Zobrazeno 1 - 10
of 154
pro vyhledávání: '"Crampton, Jason"'
Role mining is a technique used to derive a role-based authorization policy from an existing policy. Given a set of users $U$, a set of permissions $P$ and a user-permission authorization relation $\mahtit{UPA}\subseteq U\times P$, a role mining algo
Externí odkaz:
http://arxiv.org/abs/2403.16757
Recent work has shown that many problems of satisfiability and resiliency in workflows may be viewed as special cases of the authorization policy existence problem (APEP), which returns an authorization policy if one exists and 'No' otherwise. Howeve
Externí odkaz:
http://arxiv.org/abs/2106.05761
User authorization queries in the context of role-based access control have attracted considerable interest in the last 15 years. Such queries are used to determine whether it is possible to allocate a set of roles to a user that enables the user to
Externí odkaz:
http://arxiv.org/abs/2104.05983
There has been a considerable amount of interest in recent years in the problem of workflow satisfiability, which asks whether the existence of constraints in a workflow specification makes it impossible to allocate authorized users to each step in t
Externí odkaz:
http://arxiv.org/abs/1904.07234
Autor:
Crampton, Jason, Williams, Conrad
The study of canonically complete attribute-based access control (ABAC) languages is relatively new. A canonically complete language is useful as it is functionally complete and provides a "normal form" for policies. However, previous work on canonic
Externí odkaz:
http://arxiv.org/abs/1702.04173
Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill her/his organiza
Externí odkaz:
http://arxiv.org/abs/1612.06191
We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic primitives, each u
Externí odkaz:
http://arxiv.org/abs/1608.08386
We introduce an extension of decision problems called resiliency problems. In resiliency problems, the goal is to decide whether an instance remains positive after any (appropriately defined) perturbation has been applied to it. To tackle these kinds
Externí odkaz:
http://arxiv.org/abs/1605.08738
In recent years, several combinatorial problems were introduced in the area of access control. Typically, such problems deal with an authorization policy, seen as a relation $UR \subseteq U \times R$, where $(u, r) \in UR$ means that user $u$ is auth
Externí odkaz:
http://arxiv.org/abs/1604.01550
A computerized workflow management system may enforce a security policy, specified in terms of authorized actions and constraints, thereby restricting which users can perform particular steps in a workflow. The existence of a security policy may mean
Externí odkaz:
http://arxiv.org/abs/1512.07019