Article

Free access

Napoleon: network application policy environment

Authors:

D. Thomsen,

R. O'Brien,

C. PayneAuthors Info & Claims

RBAC '99: Proceedings of the fourth ACM workshop on Role-based access control

Pages 145 - 152

https://doi.org/10.1145/319171.319185

Published: 28 October 1999 Publication History

PDF eReader

References

[1]

D. Thomsen, R. O'Brien, J. Bogle. "Role Based Access Control Framework for Network Enterprises," Proceedings of the 14th annual Computer Security Applications Conference, pp. 50-58, December 1998.

Digital Library

Google Scholar

[2]

R. Orfali, D. Harkey, "Client/Server Programming with Java and CORBA," Wiley, New York, 1998.

Digital Library

Google Scholar

[3]

R. Sandhu, Q. Munawer. "The RRA97 Model for Role-Based Administration of Role Hierarchies," Proceedings of the 14th annual Computer Security Applications Conference, pp. 39- 49, December t998.

Digital Library

Google Scholar

[4]

T. Keefe, "Mapping Napoleon Concepts to CORBASEC V2," internal report, Secure Computing Corporation, November 1998.

Google Scholar

[5]

D. Sterne, G. Tally, C. McDonell, P. Pasturel, D. Sames, D. Sherman, E. Sebes, "Scalable Access Control for Distributed Object Systems," to appear in Proceedings of the 8th USENIX Security Symposium, Washington, DC, August 1999.

Digital Library

Google Scholar

[6]

R. Awischus, "Role Based Access Control with the Security Administration Manager (SAM)," Proceedings of the second ACM Workshop on Role-Based Access Control, pp. 61-68, November 1997.

Digital Library

Google Scholar

[7]

M. Zurko, R. Simmon, "User-Centered Security," New Security Paradigms Workshop, September 1996.

Digital Library

Google Scholar

[8]

R. Sessions, "COM and DCOM: Microsoft's vision for Distributed Objects," Wiley, New York, December 1997.

Digital Library

Google Scholar

Cited By

View all

Thomsen DSandhu RBertino E(2011)Practical policy patternsProceedings of the first ACM conference on Data and application security and privacy10.1145/1943513.1943543(225-230)Online publication date: 21-Feb-2011
https://dl.acm.org/doi/10.1145/1943513.1943543
Feltus CPetit M(2009)Building a Responsibility Model Including Accountability, Capability and Commitment2009 International Conference on Availability, Reliability and Security10.1109/ARES.2009.45(412-419)Online publication date: Mar-2009
https://doi.org/10.1109/ARES.2009.45
Feltus C(2008)Preliminary Literature Review of Policy Engineering Methods; Toward Responsibility Concept2008 3rd International Conference on Information and Communication Technologies: From Theory to Applications10.1109/ICTTA.2008.4529912(1-6)Online publication date: Apr-2008
https://doi.org/10.1109/ICTTA.2008.4529912
Show More Cited By

Index Terms

Napoleon: network application policy environment

Recommendations

Napoleon: A Recipe for Workflow
ACSAC '99: Proceedings of the 15th Annual Computer Security Applications Conference

This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: ...
A posteriori compliance control
SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologies

While preventative policy enforcement mechanisms can provide theoretical guarantees that policy is correctly enforced, they have limitations in practice. They are inflexible when unanticipated circumstances arise, and most are either inflexible with ...
PoCo: A Language for Specifying Obligation-Based Policy Compositions
ICSCA '20: Proceedings of the 2020 9th International Conference on Software and Computer Applications

Existing security-policy-specification languages allow users to specify obligations, but challenges remain in the composition of complex obligations, including effective approaches for resolving conflicts between policies and obligations and allowing ...

Comments

Information & Contributors

Information

Published In

RBAC '99: Proceedings of the fourth ACM workshop on Role-based access control

October 1999

160 pages

ISBN:1581131801

DOI:10.1145/319171

Chairmen:
Charles Youman
Blue Cross Blue Shield
,
Sylvia Osborn
Univ. of Western Ontario, London, Ont., Canada

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 1999

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

RBAC99

Sponsor:

SIGSAC

RBAC99: Fourth ACM Workshop on Role-Based Access Control

October 28 - 29, 1999

Virginia, Fairfax, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
397
Total Downloads

Downloads (Last 12 months)37
Downloads (Last 6 weeks)4

Reflects downloads up to 01 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Thomsen DSandhu RBertino E(2011)Practical policy patternsProceedings of the first ACM conference on Data and application security and privacy10.1145/1943513.1943543(225-230)Online publication date: 21-Feb-2011
https://dl.acm.org/doi/10.1145/1943513.1943543
Feltus CPetit M(2009)Building a Responsibility Model Including Accountability, Capability and Commitment2009 International Conference on Availability, Reliability and Security10.1109/ARES.2009.45(412-419)Online publication date: Mar-2009
https://doi.org/10.1109/ARES.2009.45
Feltus C(2008)Preliminary Literature Review of Policy Engineering Methods; Toward Responsibility Concept2008 3rd International Conference on Information and Communication Technologies: From Theory to Applications10.1109/ICTTA.2008.4529912(1-6)Online publication date: Apr-2008
https://doi.org/10.1109/ICTTA.2008.4529912
Chu XOuyang KChen HLiu JJiang Y(2008)Homonymous role in role‐based discretionary access controlWireless Communications and Mobile Computing10.1002/wcm.7009:9(1287-1300)Online publication date: 20-Oct-2008
https://doi.org/10.1002/wcm.700
Keromytis ASmith J(2007)Requirements for scalable access control and security management architecturesACM Transactions on Internet Technology10.1145/1239971.12399727:2(8-es)Online publication date: 1-May-2007
https://dl.acm.org/doi/10.1145/1239971.1239972
Kohler MLiesegang CSchaad A(2007)Classification Model for Access Control Constraints2007 IEEE International Performance, Computing, and Communications Conference10.1109/PCCC.2007.358921(410-417)Online publication date: Apr-2007
https://doi.org/10.1109/PCCC.2007.358921
Keijzer AKeulen M(2007)User Feedback in Probabilistic IntegrationProceedings of the 18th International Conference on Database and Expert Systems Applications10.1109/DEXA.2007.146(377-381)Online publication date: 3-Sep-2007
https://dl.acm.org/doi/10.1109/DEXA.2007.146
Bradley DJosang A(2004)MesmerizeProceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 3210.5555/976440.976445(37-42)Online publication date: 1-Jan-2004
https://dl.acm.org/doi/10.5555/976440.976445
Kern A(2002)Advanced features for enterprise-wide role-based access control18th Annual Computer Security Applications Conference, 2002. Proceedings.10.1109/CSAC.2002.1176305(333-342)Online publication date: 2002
https://doi.org/10.1109/CSAC.2002.1176305
Apostal DFoote-Lennox TMarkham TDown ALu RO'Brien D(2001)Checkmate network security modelingProceedings DARPA Information Survivability Conference and Exposition II. DISCEX'0110.1109/DISCEX.2001.932217(214-226)Online publication date: 2001
https://doi.org/10.1109/DISCEX.2001.932217
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Napoleon: A Recipe for Workflow

A posteriori compliance control

PoCo: A Language for Specifying Obligation-Based Policy Compositions

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

References

Cited By

Index Terms

Recommendations

Napoleon: A Recipe for Workflow

A posteriori compliance control

PoCo: A Language for Specifying Obligation-Based Policy Compositions

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations