Authorization provenance concerns how an authorization is derived. It appears important to define authorization provenance to (1) analyze policy bases, (2) defend against a class of attacks, and (3) audit authorizations. In this paper, we study a notion of authorization provenance, based on a recently proposed logic in the literature. By examining a collection of properties, we show this definition captures the intuitions of authorization provenance. We also present an application of our notion of authorization provenance: specifying and enforcing a new type of security requirements. © 2012 Springer-Verlag.
CITATION STYLE
Hu, J., Khan, K. M., Bai, Y., & Zhang, Y. (2012). Tracking and constraining authorization provenance. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7345 LNAI, pp. 669–678). https://doi.org/10.1007/978-3-642-31087-4_68
Mendeley helps you to discover research relevant for your work.