A systematic literature review for authorization and access control: definitions, strategies and models
Purpose Authorization and access control have been a topic of research for several
decades. However, existing definitions are inconsistent and even contradicting each other …
decades. However, existing definitions are inconsistent and even contradicting each other …
Edit automata: Enforcement mechanisms for run-time security policies
We analyze the space of security policies that can be enforced by monitoring and modifying
programs at run time. Our program monitors, called edit automata, are abstract machines …
programs at run time. Our program monitors, called edit automata, are abstract machines …
A privacy preservation model for facebook-style social network systems
Recent years have seen unprecedented growth in the popularity of social network systems,
with Facebook being an archetypical example. The access control paradigm behind the …
with Facebook being an archetypical example. The access control paradigm behind the …
What can you verify and enforce at runtime?
The underlying property, its definition, and representation play a major role when monitoring
a system. Having a suitable and convenient framework to express properties is thus a …
a system. Having a suitable and convenient framework to express properties is thus a …
Run-time enforcement of nonsafety policies
A common mechanism for ensuring that software behaves securely is to monitor programs at
run time and check that they dynamically adhere to constraints specified by a security policy …
run time and check that they dynamically adhere to constraints specified by a security policy …
Computability classes for enforcement mechanisms
A precise characterization of those security policies enforceable by program rewriting is
given. This also exposes and rectifies problems in prior work, yielding a better …
given. This also exposes and rectifies problems in prior work, yielding a better …
Runtime enforcement monitors: composition, synthesis, and enforcement abilities
Runtime enforcement is a powerful technique to ensure that a program will respect a given
set of properties. We extend previous work on this topic in several directions. Firstly, we …
set of properties. We extend previous work on this topic in several directions. Firstly, we …
A comprehensive approach to the automatic refinement and verification of access control policies
Access control is one of the building blocks of network security and is often managed by
network administrators through the definition of sets of high-level policies meant to regulate …
network administrators through the definition of sets of high-level policies meant to regulate …
Relationship-based access control policies and their policy languages
The Relationship-Based Access Control (ReBAC) model was recently proposed as a
general-purpose access control model. It supports the natural expression of parameterized …
general-purpose access control model. It supports the natural expression of parameterized …
You should better enforce than verify
Y Falcone - International Conference on Runtime Verification, 2010 - Springer
This tutorial deals with runtime enforcement and advocates its use as an extension of
runtime verification. While research efforts in runtime verification have been mainly …
runtime verification. While research efforts in runtime verification have been mainly …