Fine-grained disclosure of access policies

7Citations
Citations of this article
21Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (certified or uncertified) properties, that clients can present. Since assuming the client to know a-priori the properties she should present to acquire access is clearly limiting, servers should be able to respond to client requests with information on the access control policies regulating access to the requested services. In this paper, we present a simple, yet flexible and expressive, approach for allowing servers to specify disclosure policies, regulating if and how access control policies on services can be communicated to clients. Our approach allows fine-grain specifications, thus capturing different ways in which policies, and portions thereof, can be communicated. We also define properties that can characterize the client view of the access control policy. © 2010 Springer-Verlag.

Cite

CITATION STYLE

APA

Ardagna, C. A., De Capitani Di Vimercati, S., Foresti, S., Neven, G., Paraboschi, S., Preiss, F. S., … Verdicchio, M. (2010). Fine-grained disclosure of access policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6476 LNCS, pp. 16–30). Springer Verlag. https://doi.org/10.1007/978-3-642-17650-0_3

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free