Ravi S. Sandhu

According to our database1, Ravi S. Sandhu authored at least 303 papers between 1986 and 2019.

Collaborative distances:

Awards

IEEE Fellow

IEEE Fellow 2002, "For contributions to the field of information and system security.".

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepages:

On csauthors.net:

Bibliography

2019
Dynamic trust evaluation model based on bidding and multi-attributes for social networks.
IJHPCN, 2019

IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things.
Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, 2019

Refresh Instead of Revoke Enhances Safety and Availability: A Formal Analysis.
Proceedings of the Data and Applications Security and Privacy XXXIII, 2019

Online Malware Detection in Cloud Auto-scaling Systems Using Shallow Convolutional Neural Networks.
Proceedings of the Data and Applications Security and Privacy XXXIII, 2019

Dynamic Groups and Attribute-Based Access Control for Next-Generation Smart Cars.
Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, 2019

2018
Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things.
Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, 2018

Access Control Model for Virtual Objects (Shadows) Communication for AWS Internet of Things.
Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, 2018

Malware Detection in Cloud Infrastructures Using Convolutional Neural Networks.
Proceedings of the 11th IEEE International Conference on Cloud Computing, 2018

2017
Mandatory Content Access Control for Privacy Protection in Information Centric Networks.
IEEE Trans. Dependable Sec. Comput., 2017

POSTER: Access Control Model for the Hadoop Ecosystem.
Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies, 2017

Multi-Layer Authorization Framework for a Representative Hadoop Ecosystem Deployment.
Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies, 2017

Access Control Model for AWS Internet of Things.
Proceedings of the Network and System Security - 11th International Conference, 2017

Safety of ABAC _\alpha Is Decidable.
Proceedings of the Network and System Security - 11th International Conference, 2017

Access Control Models for Virtual Object Communication in Cloud-Enabled IoT.
Proceedings of the 2017 IEEE International Conference on Information Reuse and Integration, 2017

Keynote talk #1: Attribute-based access control: Insights and challenges.
Proceedings of the IEEE Conference on Dependable and Secure Computing, 2017

Object-Tagged RBAC Model for the Hadoop Ecosystem.
Proceedings of the Data and Applications Security and Privacy XXXI, 2017

An Access Control Framework for Cloud-Enabled Wearable Internet of Things.
Proceedings of the 3rd IEEE International Conference on Collaboration and Internet Computing, 2017

Attribute Transformation for Attribute-Based Access Control.
Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, 2017

ABAC with Group Attributes and Attribute Hierarchies Utilizing the Policy Machine.
Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, 2017

Classifying and Comparing Attribute-Based and Relationship-Based Access Control.
Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, 2017

Clustering-Based IaaS Cloud Monitoring.
Proceedings of the 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), 2017

2016
A Provenance-Aware Access Control Framework with Typed Provenance.
IEEE Trans. Dependable Sec. Comput., 2016

Safety Decidability for Pre-Authorization Usage Control with Finite Attribute Domains.
IEEE Trans. Dependable Sec. Comput., 2016

An Access Control Model for Online Social Networks Using User-to-User Relationships.
IEEE Trans. Dependable Sec. Comput., 2016

Foreword.
Intelligent Automation & Soft Computing, 2016

Panel Security and Privacy in the Age of Internet of Things: Opportunities and Challenges.
Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, 2016

Extended ReBAC Administrative Models with Cascading Revocation and Provenance Support.
Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, 2016

The \mathrm GURA_G GURA G Administrative Model for User and Group Attribute Assignment.
Proceedings of the Network and System Security - 10th International Conference, 2016

An Attribute-Based Protection Model for JSON Documents.
Proceedings of the Network and System Security - 10th International Conference, 2016

On the Relationship Between Finite Domain ABAM and PreUCON \mathrm _A A.
Proceedings of the Network and System Security - 10th International Conference, 2016

Uni-ARBAC: A Unified Administrative Model for Role-Based Access Control.
Proceedings of the Information Security - 19th International Conference, 2016

Object-to-Object Relationship-Based Access Control: Model and Multi-Cloud Demonstration (Invited Paper).
Proceedings of the 17th IEEE International Conference on Information Reuse and Integration, 2016

Role-Centric Circle-of-Trust in Multi-tenant Cloud IaaS.
Proceedings of the Data and Applications Security and Privacy XXX, 2016

A Comparison of Logical-Formula and Enumerated Authorization Policy ABAC Models.
Proceedings of the Data and Applications Security and Privacy XXX, 2016

An Attribute-Based Access Control Extension for OpenStack and Its Enforcement Utilizing the Policy Machine.
Proceedings of the 2nd IEEE International Conference on Collaboration and Internet Computing, 2016

Access Control Models for Cloud-Enabled Internet of Things: A Proposed Architecture and Research Agenda.
Proceedings of the 2nd IEEE International Conference on Collaboration and Internet Computing, 2016

Multi Cloud IaaS with Domain Trust in OpenStack.
Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016

Label-Based Access Control: An ABAC Model with Enumerated Authorization Policy.
Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control, 2016

Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS.
Proceedings of the 4th ACM International Workshop on Security in Cloud Computing, 2016

POSTER: Security Enhanced Administrative Role Based Access Control Models.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
Fingerprint-Based Detection and Diagnosis of Malicious Programs in Hardware.
IEEE Trans. Reliability, 2015

LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking.
IEEE Trans. Information Forensics and Security, 2015

Multi-tenancy authorization models for collaborative cloud services.
Concurrency and Computation: Practice and Experience, 2015

Mitigating Multi-Tenancy Risks in IaaS Cloud Through Constraints-Driven Virtual Resource Scheduling.
Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, 2015

MT-ABAC: A Multi-Tenant Attribute-Based Access Control Model with Tenant Trust.
Proceedings of the Network and System Security - 9th International Conference, 2015

Hierarchical Secure Information and Resource Sharing in OpenStack Community Cloud.
Proceedings of the 2015 IEEE International Conference on Information Reuse and Integration, 2015

Community-Based Secure Information and Resource Sharing in AWS Public Cloud.
Proceedings of the IEEE Conference on Collaboration and Internet Computing, 2015

Secure Information and Resource Sharing in Cloud.
Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015

Content Level Access Control for OpenStack Swift Storage.
Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015

Virtual Resource Orchestration Constraints in Cloud Infrastructure as a Service.
Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015

Attribute-Based Access Control Models and Beyond.
Proceedings of the 10th ACM Symposium on Information, 2015

Authorization Federation in IaaS Multi Cloud.
Proceedings of the 3rd International Workshop on Security in Cloud Computing, 2015

2014
A roadmap for privacy-enhanced secure data provenance.
J. Intell. Inf. Syst., 2014

Securing Big Data Applications in the Cloud [Guest editors' introduction].
IEEE Cloud Computing, 2014

Extending OpenStack Access Control with Domain Trust.
Proceedings of the Network and System Security - 8th International Conference, 2014

A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service.
Proceedings of the Network and System Security - 8th International Conference, 2014

Adopting Provenance-Based Access Control in OpenStack Cloud IaaS.
Proceedings of the Network and System Security - 8th International Conference, 2014

Attribute-Aware Relationship-Based Access Control for Online Social Networks.
Proceedings of the Data and Applications Security and Privacy XXVIII, 2014

Role and attribute based collaborative administration of intra-tenant cloud IaaS.
Proceedings of the 10th IEEE International Conference on Collaborative Computing: Networking, 2014

Secure Information and Resource Sharing in Cloud Infrastructure as a Service.
Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security, 2014

Access Control.
Proceedings of the Computing Handbook, 2014

2013
Collaboration in Multicloud Computing Environments: Framework and Security Issues.
IEEE Computer, 2013

Preserving user privacy from third-party applications in online social networks.
Proceedings of the 22nd International World Wide Web Conference, 2013

Towards an Attribute Based Constraints Specification Language.
Proceedings of the International Conference on Social Computing, SocialCom 2013, 2013

A multi-tenant RBAC model for collaborative cloud services.
Proceedings of the Eleventh Annual International Conference on Privacy, Security and Trust, 2013

A provenance-based access control model for dynamic separation of duties.
Proceedings of the Eleventh Annual International Conference on Privacy, Security and Trust, 2013

Cross-tenant trust models in cloud computing.
Proceedings of the IEEE 14th International Conference on Information Reuse & Integration, 2013

The future of access control: Attributes, automation and adaptation.
Proceedings of the IEEE 14th International Conference on Information Reuse & Integration, 2013

Reachability analysis for role-based administration of attributes.
Proceedings of the DIM'13, 2013

Multi-tenancy authorization models for collaborative cloud services.
Proceedings of the 2013 International Conference on Collaboration Technologies and Systems, 2013

Engineering access control policies for provenance-aware systems.
Proceedings of the Third ACM Conference on Data and Application Security and Privacy, 2013

A framework for risk-aware role based access control.
Proceedings of the IEEE Conference on Communications and Network Security, 2013

The science, engineering and business of cyber security.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
Editorial.
IEEE Trans. Dependable Sec. Comput., 2012

Speculations on the science of web user security.
Computer Networks, 2012

Dependency Path Patterns as the Foundation of Access Control in Provenance-aware Systems.
Proceedings of the 4th Workshop on the Theory and Practice of Provenance, 2012

Relationship-Based Access Control for Online Social Networks: Beyond User-to-User Relationships.
Proceedings of the 2012 International Conference on Privacy, 2012

The authorization leap from rights to attributes: maturation or chaos?
Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, 2012

A provenance-based access control model.
Proceedings of the Tenth Annual International Conference on Privacy, Security and Trust, 2012

RABAC: Role-Centric Attribute-Based Access Control.
Proceedings of the Computer Network Security, 2012

Integrated provenance data for access control in group-centric collaboration.
Proceedings of the IEEE 13th International Conference on Information Reuse & Integration, 2012

Risk-Aware RBAC Sessions.
Proceedings of the Information Systems Security, 8th International Conference, 2012

A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC.
Proceedings of the Data and Applications Security and Privacy XXVI, 2012

A User-to-User Relationship-Based Access Control Model for Online Social Networks.
Proceedings of the Data and Applications Security and Privacy XXVI, 2012

A group-centric model for collaboration with expedient insiders in multilevel systems.
Proceedings of the 2012 International Conference on Collaboration Technologies and Systems, 2012

A lattice interpretation of group-centric collaboration with expedient insiders.
Proceedings of the 8th International Conference on Collaborative Computing: Networking, 2012

2011
Relational Database Security.
Proceedings of the Encyclopedia of Information Assurance, 2011

Relational Database Access Controls: SQL.
Proceedings of the Encyclopedia of Information Assurance, 2011

Group-Centric Secure Information-Sharing Models for Isolated Groups.
ACM Trans. Inf. Syst. Secur., 2011

A User-Activity-Centric Framework for Access Control in Online Social Networks.
IEEE Internet Computing, 2011

Roles in information security - A survey and classification of the research area.
Computers & Security, 2011

Building malware infection trees.
Proceedings of the 6th International Conference on Malicious and Unwanted Software, 2011

Authorization Policy Specification and Enforcement for Group-Centric Secure Information Sharing.
Proceedings of the Information Systems Security - 7th International Conference, 2011

RT-based administrative models for community cyber security information sharing.
Proceedings of the 7th International Conference on Collaborative Computing: Networking, 2011

On data provenance in group-centric secure collaboration.
Proceedings of the 7th International Conference on Collaborative Computing: Networking, 2011

The challenge of data and application security and privacy (DASPY): are we up to it.
Proceedings of the First ACM Conference on Data and Application Security and Privacy, 2011

ACON: Activity-Centric Access Control for Social Computing.
Proceedings of the Sixth International Conference on Availability, 2011

An Attribute Based Framework for Risk-Adaptive Access Control Models.
Proceedings of the Sixth International Conference on Availability, 2011

2010
Editorial.
IEEE Trans. Dependable Sec. Comput., 2010

Editorial.
IEEE Trans. Dependable Sec. Comput., 2010

Social-Networks Connect Services.
IEEE Computer, 2010

Trustworthy Information: Concepts and Mechanisms.
Proceedings of the Web-Age Information Management, 11th International Conference, 2010

Analyzing and Exploiting Network Behaviors of Malware.
Proceedings of the Security and Privacy in Communication Networks, 2010

Group-Centric Models for Secure and Agile Information Sharing.
Proceedings of the Computer Network Security, 2010

Symptoms-Based Detection of Bot Processes.
Proceedings of the Computer Network Security, 2010

Evaluating detection and treatment effectiveness of commercial anti-malware programs.
Proceedings of the 5th International Conference on Malicious and Unwanted Software, 2010

10141 Summary - Distributed Usage Control.
Proceedings of the Distributed Usage Control, 06.04. - 09.04.2010, 2010

10141 Abstracts Collection - Distributed Usage Control.
Proceedings of the Distributed Usage Control, 06.04. - 09.04.2010, 2010

Towards Secure Information Sharing models for community Cyber Security.
Proceedings of the 6th International Conference on Collaborative Computing: Networking, 2010

Towards a framework for cyber social status based trusted open collaboration.
Proceedings of the 6th International Conference on Collaborative Computing: Networking, 2010

Towards a discipline of mission-aware cloud computing.
Proceedings of the 2nd ACM Cloud Computing Security Workshop, 2010

Social Network-Based Botnet Command-and-Control: Emerging Threats and Countermeasures.
Proceedings of the Applied Cryptography and Network Security, 8th International Conference, 2010

2009
An Access Control Language for a General Provenance Model.
Proceedings of the Secure Data Management, 6th VLDB Workshop, 2009

Foundations for group-centric secure information sharing models.
Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Analyzing DNS activities of bot processes.
Proceedings of the 4th International Conference on Malicious and Unwanted Software, 2009

A Characterization of the problem of secure provenance management.
Proceedings of the IEEE International Conference on Intelligence and Security Informatics, 2009


TIUPAM: A Framework for Trustworthiness-Centric Information Sharing.
Proceedings of the Trust Management III, Third IFIP WG 11.11 International Conference, 2009

A Hybrid Enforcement Model for Group-centric Secure Information Sharing.
Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, 2009

The PEI framework for application-centric security.
Proceedings of the 5th International Conference on Collaborative Computing: Networking, 2009

Towards a framework for group-centric secure collaboration.
Proceedings of the 5th International Conference on Collaborative Computing: Networking, 2009

A conceptual framework for Group-Centric secure information sharing.
Proceedings of the 2009 ACM Symposium on Information, 2009

A Framework for Understanding Botnets.
Proceedings of the The Forth International Conference on Availability, 2009

A First Step towards Characterizing Stealthy Botnets.
Proceedings of the The Forth International Conference on Availability, 2009

2008
Toward a Usage-Based Security Framework for Collaborative Computing Systems.
ACM Trans. Inf. Syst. Secur., 2008

Security Enforcement Model for Distributed Usage Control.
Proceedings of the IEEE International Conference on Sensor Networks, 2008

ROWLBAC: representing role based access control in OWL.
Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008

Role Based Access Control and OWL.
Proceedings of the Fourth OWLED Workshop on OWL: Experiences and Directions, 2008

IS 2008 PC Co-chairs' Message.
Proceedings of the On the Move to Meaningful Internet Systems: OTM 2008, 2008

QoS Aware Dependable Distributed Stream Processing.
Proceedings of the 11th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing (ISORC 2008), 2008

Privacy-Preserving Accountable Accuracy Management Systems (PAAMS).
Proceedings of the Protecting Persons While Protecting the People, 2008

The ASCAA Principles for access control interpreted for collaboration systems.
Proceedings of the 2008 International Symposium on Collaborative Technologies and Systems, 2008

Stale-safe security properties for group-based secure information sharing.
Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering, 2008

2007
RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role-Based Access Control".
IEEE Security & Privacy, 2007

Towards a VMM-based usage control framework for OS kernel integrity protection.
Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, 2007

PEI models towards scalable, usable and high-assurance information sharing.
Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, 2007

Framework for Agent-Based Role Delegation.
Proceedings of IEEE International Conference on Communications, 2007

Towards a Times-Based Usage Control Model.
Proceedings of the Data and Applications Security XXI, 2007

A Scalable and Secure Cryptographic Service.
Proceedings of the Data and Applications Security XXI, 2007

SecureBus: towards application-transparent trusted computing with mandatory access control.
Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security, 2007

2006
Secure knowledge management: confidentiality, trust, and privacy.
IEEE Trans. Systems, Man, and Cybernetics, Part A, 2006

An effective role administration model using organization structure.
ACM Trans. Inf. Syst. Secur., 2006

Client-side access control enforcement using trusted computing and PEI models.
J. High Speed Networks, 2006

A usage-based authorization framework for collaborative computing systems.
Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, 2006

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing.
Proceedings of the Advances in Information and Computer Security, 2006

ROBAC: Scalable Role and Organization Based Access Control Models.
Proceedings of the 2nd International ICST Conference on Collaborative Computing: Networking, 2006

Safety analysis of usage control authorization models.
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, 2006

Secure information sharing enabled by Trusted Computing and PEI models.
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, 2006

A general design towards secure ad-hoc collaboration.
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, 2006

2005
Formal model and policy specification of usage control.
ACM Trans. Inf. Syst. Secur., 2005

Editorial.
ACM Trans. Inf. Syst. Secur., 2005

Database Security-Concepts, Approaches, and Challenges.
IEEE Trans. Dependable Sec. Comput., 2005

Enhancing Data Authenticity and Integrity in P2P Systems.
IEEE Internet Computing, 2005

Peer-to-peer access control architecture using trusted computing technology.
Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, 2005

2004
The UCONABC usage control model.
ACM Trans. Inf. Syst. Secur., 2004

A logical specification for usage control.
Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, 2004

Security for grid-based computing systems issues and challenges.
Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, 2004

Towards a Multi-dimensional Characterization of Dissemination Control.
Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), 2004

Models, Protocols, and Architectures for Secure Pervasive Computing: Challenges and Research Directions.
Proceedings of the 2nd IEEE Conference on Pervasive Computing and Communications Workshops (PerCom 2004 Workshops), 2004

Enhancing Anonymity via Market Competition.
Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04), 2004

A Perspective on Graphs and Access Control Models.
Proceedings of the Graph Transformations, Second International Conference, 2004

Attribute Mutability in Usage Control.
Proceedings of the Research Directions in Data and Applications Security XVIII, 2004

Role-Based Delegation Model/ Hierarchical Roles (RBDM1).
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

Mohammad A. Al-Kahtani, Ravi Sandhu.
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

2003
Good-Enough Security: Toward a Pragmatic Business-Driven Discipline.
IEEE Internet Computing, 2003

Guest Editors' Introduction: Identity Management.
IEEE Internet Computing, 2003

IEEE Internet Computing: Security Track - Good Enough Security.
IEEE Distributed Systems Online, 2003

IEEE Internet Computing: Guest Editors' Introduction - Identity Management.
IEEE Distributed Systems Online, 2003

PBDM: a flexible delegation model in RBAC.
Proceedings of the 8th ACM Symposium on Access Control Models and Technologies, 2003

Induced role hierarchies with attribute-based RBAC.
Proceedings of the 8th ACM Symposium on Access Control Models and Technologies, 2003

Usage Control: A Vision for Next Generation Access Control.
Proceedings of the Computer Network Security, 2003

Schema Based XML Security: RBAC Approach.
Proceedings of the Data and Applications Security XVII: Status and Prospects, 2003

Two Efficient and Provably Secure Schemes for Server-Assisted Threshold Signatures.
Proceedings of the Topics in Cryptology, 2003

2002
Guest Editor's Introduction: The Technology of Trust.
IEEE Internet Computing, 2002

IEEE Internet Computing: Guest Editor's Introduction - The Technology of Trust.
IEEE Distributed Systems Online, 2002

Towards usage control models: beyond traditional access control.
Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

A model for role administration using organization structure.
Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

Making access control more usable.
Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, 2002

Authenticated multicast immune to denial-of-service attack.
Proceedings of the 2002 ACM Symposium on Applied Computing (SAC), 2002

Originator Control in Usage Control.
Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), 2002

A Model for Attribute-Based User-Role Assignment.
Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC 2002), 2002

2001
Role-based access control on the web.
ACM Trans. Inf. Syst. Secur., 2001

Proposed NIST standard for role-based access control.
ACM Trans. Inf. Syst. Secur., 2001

Decentralized user group assignment in Windows NT.
Journal of Systems and Software, 2001

The Security of Practical Two-Party RSA Signature Schemes.
IACR Cryptology ePrint Archive, 2001

Designing an IT College.
Proceedings of the Networking the Learner: Computers in Education, 2001

Panel: The next generation of acess control models (panel session): do we need them and what should they be?
Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, 2001

Future Directions in Role-Based Access Control Models.
Proceedings of the Information Assurance in Computer Networks: Methods, 2001

Role-based Access Control on the Web Using LDAP.
Proceedings of the Database and Application Security XV, 2001

Secure Role-Based Workflow Models.
Proceedings of the Database and Application Security XV, 2001

Engineering of Role/Permission Assignments.
Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), 2001

2000
Configuring role-based access control to enforce mandatory and discretionary access control policies.
ACM Trans. Inf. Syst. Secur., 2000

Role-based authorization constraints specification.
ACM Trans. Inf. Syst. Secur., 2000

Secure Cookies on the Web.
IEEE Internet Computing, 2000

Guest Editors' Introduction: What Makes Security Technologies Relevant?
IEEE Internet Computing, 2000

The NIST model for role-based access control: towards a unified standard.
Proceedings of the Fifth ACM Workshop on Role-Based Access Control, 2000

Engineering authority and trust in cyberspace: the OM-AM and RBAC way.
Proceedings of the Fifth ACM Workshop on Role-Based Access Control, 2000

Injecting RBAC to secure a Web-based workflow system.
Proceedings of the Fifth ACM Workshop on Role-Based Access Control, 2000

Security Architectures for Controlled Digital Information Dissemination.
Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), 2000

Binding Identities and Attributes using Digitally Signed Certificates.
Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), 2000

Framework for Role-based Delegation Models.
Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), 2000

1999
The ARBAC97 Model for Role-Based Administration of Roles.
ACM Trans. Inf. Syst. Secur., 1999

Editorial.
ACM Trans. Inf. Syst. Secur., 1999

Towards role-based administration in network information services.
J. Network and Computer Applications, 1999

Role-based Administration of User-Role Assignment: The URA97 Model and its Oracle Implementation.
Journal of Computer Security, 1999

RBAC on the Web by Smart Certificates.
Proceedings of the Fourth ACM Workshop on Role-Based Access Control, 1999

Towards a UML Based Approach to Role Engineering.
Proceedings of the Fourth ACM Workshop on Role-Based Access Control, 1999

The RSL99 Language for Role-Based Separation of Duty Constraints.
Proceedings of the Fourth ACM Workshop on Role-Based Access Control, 1999

RBAC on the Web by Secure Cookies.
Proceedings of the Research Advances in Database and Information Systems Security, 1999

Extending The BFA Workflow Authorization Model to Express Weighted Voting.
Proceedings of the Research Advances in Database and Information Systems Security, 1999

The ARBAC99 Model for Administration of Roles.
Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC 1999), 1999

Information Security Education for the Next Millennium: Building the Next Generation of Practitioners (Forum).
Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC 1999), 1999

1998
The Multilevel Relational (MLR) Data Model.
ACM Trans. Inf. Syst. Secur., 1998

Editorial.
ACM Trans. Inf. Syst. Secur., 1998

Role-Based Access Control.
Advances in Computers, 1998

Decentralized User-role Assignment for Web-based Intranets.
Proceedings of the Third ACM Workshop on Role-Based Access Control, 1998

How to Do Discretionary Access Control Using Roles.
Proceedings of the Third ACM Workshop on Role-Based Access Control, 1998

An Oracle Implementation of the PRA97 Model for Permission-Role Assignment.
Proceedings of the Third ACM Workshop on Role-Based Access Control, 1998

Role Activation Hierarchies.
Proceedings of the Third ACM Workshop on Role-Based Access Control, 1998

The RRA97 Model for Role-Based Administration of Role Hierarchies.
Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC 1998), 1998

Concentric Supervision of Security Applications: A New Security Management Paradigm.
Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC 1998), 1998

1997
The ARBAC97 model for role-based administration of roles: preliminary description and outline.
Proceedings of the Second Workshop on Role-Based Access Control, 1997

SNMP-based Network Security Management.
Proceedings of the Integrated Network Management V, 1997

Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management.
Proceedings of the Database Securty XI: Status and Prospects, 1997

The URA97 Model for Role-Based User-Role Assignment.
Proceedings of the Database Securty XI: Status and Prospects, 1997

Lattice Based Models for Controlled Sharing of Confidential Information in the Saudi Hajj System.
Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC 1997), 1997

Authentication, Access Controls, and Intrusion Detection.
Proceedings of the Computer Science and Engineering Handbook, 1997

1996
A Trusted Subject Architecture for Multilevel Secure Object-Oriented Databases.
IEEE Trans. Knowl. Data Eng., 1996

The Expressive Power of Multi-parent Creation in Monotonic Access Control Models.
Journal of Computer Security, 1996

Authetication, Access Control, and Audit.
ACM Comput. Surv., 1996

Role-Based Access Control Models.
IEEE Computer, 1996

Role Hierarchies and Constraints for Lattice-Based Access Controls.
Proceedings of the Computer Security, 1996

Implementation Experiences and Prospects.
Proceedings of the Database Security Volume X, 1996

Open Issues in Database Security.
Proceedings of the Database Security Volume X, 1996

Access Control: The Neglected Frontier.
Proceedings of the Information Security and Privacy, First Australasian Conference, 1996

1995
The semantics and expressive power of the MLR data model.
Proceedings of the 1995 IEEE Symposium on Security and Privacy, 1995

Rationale for the RBAC96 family of access control models.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Roles versus groups.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Issues in RBAC.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Workshop summary.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

NetWare 4 as an example of role-based access control.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Constraints for role-based access control.
Proceedings of the First ACM Workshop on Role-Based Access Control, 1995

Panel Discussion: Role-Based Access Control and Next-Generation Security Models.
Proceedings of the Database Security IX: Status and Prospects, 1995

1994
Integrating security technology and object-oriented technology (panel).
OOPS Messenger, 1994

Security for object-oriented systems.
OOPS Messenger, 1994

The standards are coming! Standards for security in object-oriented systems.
OOPS Messenger, 1994

Securing Cyberspace - Introduction to the Special Section.
Commun. ACM, 1994

On the minimality of testing for rights in transformation models.
Proceedings of the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, 1994

Supporting Object-Based High-Assurance Write-up in Multilevel Databases for the Replicated Architecture.
Proceedings of the Computer Security, 1994

On the Expressive Power of the Unary Transformation Model.
Proceedings of the Computer Security, 1994

Conceptual Foundations for a Model of Task-based Authorizations.
Proceedings of the Seventh IEEE Computer Security Foundations Workshop, 1994

One-Representative Safety Analysis in the Non-Monotonic Transform Model.
Proceedings of the Seventh IEEE Computer Security Foundations Workshop, 1994

Role-based access control: a multi-dimensional view.
Proceedings of the 10th Annual Computer Security Applications Conference, 1994

1993
A Kernelized Architecture for Multilevel Secure Object-Oriented Databases Supporting Write-Up.
Journal of Computer Security, 1993

Limitations of Relational Data Base Access Controls.
Information Systems Security, 1993

Lattice-Based Access Control Models.
IEEE Computer, 1993

A distributed capability-based architecture for the transform model.
Computers & Security, 1993

Security for Object-Oriented Systems: An Editorial Overview.
Proceedings of the Security for Object-Oriented Systems, 1993

Concurrency, Synchronization, and Scheduling to Support High-Assurance Write-Up in Multilevel Object-Based Computing.
Proceedings of the Security for Object-Oriented Systems, 1993

Security for OODBMS (Or Systems) - Panel.
Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), Eighth Annual Conference, Washington, DC, USA, September 26, 1993

Towards a task-based paradigm for flexible and adaptable access control in distributed applications.
Proceedings of the Proceedings on the 1992-1993 Workshop on New Security Paradigms, 1993

Towards a Unified Framework and Theory for Reasoning about Security and Correctness of Transactions in Multilevel databases.
Proceedings of the Database Security, 1993

On Five Definitions of Data Integrity.
Proceedings of the Database Security, 1993

On Testing for Absence of Rights in Access Control Models.
Proceedings of the 6th IEEE Computer Security Foundations Workshop, 1993

Expressive power of the single-object typed access matrix model.
Proceedings of the Ninth Annual Computer Security Applications Conference, 1993

1992
Undecidability of Safety for the Schematic Protection Model with Cyclic Creates.
J. Comput. Syst. Sci., 1992

The Extended Schematic Protection Model
Journal of Computer Security, 1992

Eliminating polyinstantiation securely.
Computers & Security, 1992

Lattice-based enforcement of Chinese Walls.
Computers & Security, 1992

Non-monotonic transformation of access rights.
Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992

The typed access matrix model.
Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992

Polyinstantation for Cover Stories.
Proceedings of the Computer Security, 1992

Implementing the Message Filter Object-Oriented Security Model without Trusted Subjects.
Proceedings of the Database Security, 1992

The Expressive Power of Multi-Parent Creation in a Monotonic Access Control Model.
Proceedings of the 5th IEEE Computer Security Foundations Workshop, 1992

Implementing transaction control expressions by checking for absence of access rights.
Proceedings of the Eighth Annual Computer Security Applications Conference, 1992

1991
Integrity principles and mechanisms in database management systems.
Computers & Security, 1991

A Novel Decomposition of Multilevel Relations into Single-Level Relations.
Proceedings of the 1991 IEEE Symposium on Security and Privacy, 1991

Safety Analysis for the Extended Schematic Protection Model.
Proceedings of the 1991 IEEE Symposium on Security and Privacy, 1991

Towards a Multilevel Secure Relational Data Model.
Proceedings of the 1991 ACM SIGMOD International Conference on Management of Data, 1991

Supporting Timing-Channel Free Computations in Multilevel Secure Object-Oriented Databases.
Proceedings of the Database Security, 1991

A Secure Kernelized Architecture for Multiple Object-Oriented Databases.
Proceedings of the 4th IEEE Computer Security Foundations Workshop, 1991

A single-level scheduler for the replicated architecture for multilevel-secure databases.
Proceedings of the Seventh Annual Computer Security Applications Conference, 1991

A distributed implementation of the extended schematic protection model.
Proceedings of the Seventh Annual Computer Security Applications Conference, 1991

1990
Database Security: Current Status and Key Issues.
SIGMOD Record, 1990

Polyinstantiation Integrity in Multilevel Relations.
Proceedings of the 1990 IEEE Symposium on Security and Privacy, 1990

Separation of Duties in Computerized Information Systems.
Proceedings of the Database Security, 1990

Polyinstantiation Integrity in Multilevel Relations Revisited.
Proceedings of the Database Security, 1990

A New Polyinstantiation Integrity Constraint for Multilevel Relations.
Proceedings of the Third IEEE Computer Security Foundations Workshop, 1990

A Formal Framework for Single Level Decomposition of Multilevel Relations.
Proceedings of the Third IEEE Computer Security Foundations Workshop, 1990

Update semantics for multilevel relations.
Proceedings of the Sixth Annual Computer Security Applications Conference, 1990

Extending the creation operation in the Schematic Protection Model.
Proceedings of the Sixth Annual Computer Security Applications Conference, 1990

1989
Recognizing Immediacy in an N-Tree Hierarchy and Its Application to Protection Groups.
IEEE Trans. Software Eng., 1989

The Demand Operation in the Schematic Protection Model.
Inf. Process. Lett., 1989

The Reflected Tree Hierarchy for Protection and Sharing.
Inf. Process. Lett., 1989

Transformation of Access Rights.
Proceedings of the 1989 IEEE Symposium on Security and Privacy, 1989

Discussion Summary.
Proceedings of the Database Security, 1989

Mandatory Controls for Database Integrity.
Proceedings of the Database Security, 1989

A perspective on integrity mechanisms.
Proceedings of the Fifth Annual Computer Security Applications Conference, 1989

1988
The NTree: A Two Dimension Partial Order for Protection Groups.
ACM Trans. Comput. Syst., 1988

The schematic protection model: its definition and analysis for acyclic attenuating schemes.
J. ACM, 1988

Cryptographic Implementation of a Tree Hierarchy for Access Control.
Inf. Process. Lett., 1988

Expressive Power of the Schematic Protection Model.
Proceedings of the First IEEE Computer Security Foundations Workshop, 1988

1986
Some Owner Based Schemes with Dynamic Groups in the Schematic Protection Model.
Proceedings of the 1986 IEEE Symposium on Security and Privacy, 1986


  Loading...