Flexibly constructing secure groups in Antigone 2.0

McDaniel, Patrick; Prakash, Atul; Irrer, J; Mittal, Sandeep; Thuang, Thai-Chuin

doi:10.1109/discex.2001.932159

Cited by 4 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Traditional conditions used in authorization policy simply poll local state variables (e.g., values recorded in the KeyNote action environment [7]). Recently, policy systems have begun to embrace more semantically rich conditions [18]. Such conditions can test the state of the environment, presence of qualified or authorized entities, or perform complex algorithms (e.g., query and interpret print queue length).…”

Section: Token Typementioning

confidence: 99%

On context in authorization policy

McDaniel

2003

Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

Authorization policy infrastructures are evolving with the complex environments that they support. However, the requirements and technologies supporting context are not yet well understood. Often implemented as condition functions or predefined attributes, context is used to more precisely control when and how policy is enforced. This paper considers context requirements and services in authorization policy. The properties and security requirements of context evaluation are classified. A key observation gleaned from this classification is the degree to which context functions share common properties. The Antigone Condition Framework (ACF) exploits these commonalities to provide a general purpose condition service and associated API. The prototype ACF design is presented and illustrated, and directions for future work considered. General TermsSecurity

show abstract

Section: Token Typementioning

confidence: 99%