ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
Electronic Notes in Theoretical Computer Science
Volume 171, Issue 4, 10 July 2007, Pages 3-21
Proceedings of the First International Workshop on Security and Rewriting Techniques (SecReT 2006)
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Purchase PDF (381 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (0)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.entcs.2007.03.010    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2007 Elsevier B.V. All rights reserved.

An End-To-End Approach to Distributed Policy Language Implementation (Extended Abstract)

Tom Chothiaa, E-mail The Corresponding Author, Dominic Dugganb, E-mail The Corresponding Author and Ye Wub, E-mail The Corresponding Author

aCentrum voor Wiskunde en Informatica (CWI), Kruislaan 413, 1098 SJ, P.O. Box 94079, 1090 GB Amsterdam, The Netherlands bDept of Computer Science, Stevens Institute of Technology, Hoboken, NJ 07040, USA

Available online 29 June 2007.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

Language-based security approaches to access control and information flow control must at some point rely on a language for expressing policies. However there will in general be several choices for the correct policy language for any given application, and several choices for the implementation of a policy language in a given domain. This article considers an approach to implementing the policy language at the application level, relying on trusted cryptographic libraries whose interface security guarantees are used to verify the correctness of the policy language implementation.

Keywords: Access control; policy language; cryptographic libraries; abstract data types


Electronic Notes in Theoretical Computer Science
Volume 171, Issue 4, 10 July 2007, Pages 3-21
Proceedings of the First International Workshop on Security and Rewriting Techniques (SecReT 2006)
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.