Access Control Policy: A Framework to Enforce Recommendations

Provided by: International Journal of Computer Science and Information Technologies
Topic: Security
Format: PDF
Access control policies are generally modeled using permission, prohibition, and obligation rules. However, this does not cover all possible scenarios as several applications have recommendation rules. In this paper, the authors provide a formal framework to express and to enforce recommendations. More precisely, their framework allows to express recommendation rules that become requirements over time. Furthermore, they give the specification of the policy controller behavior in charge of evaluating such a policy. Basically, in their formalization, a recommendation is associated with three conditions.

Find By Topic