Konstantine Arkoudas, Ritu Chadha & Cho-Yu Jason Chiang (2014):
Sophisticated Access Control via SMT and Logical Frameworks.
ACM Trans. Inf. Syst. Secur. 16(4),
pp. 17,
doi:10.1145/2595222.
Arosha K. Bandara, Emil Lupu & Alessandra Russo (2003):
Using Event Calculus to Formalise Policy Specification and Analysis.
In: POLICY.
IEEE Computer Society,
pp. 26,
doi:10.1109/POLICY.2003.1206955.
David E. Bell & Leonard J. LaPadula (1976):
Secure Computer System: Unified Exposition and MULTICS Interpretation.
Technical Report.
The MITRE Corporation.
Elisa Bertino, Carolyn Brodie, Seraphin B. Calo, Lorrie Faith Cranor, Clare-Marie Karat, John Karat, Ninghui Li, Dan Lin, Jorge Lobo, Qun Ni, Prathima Rao & Xiping Wang (2009):
Analysis of privacy and security policies..
IBM Journal of Research and Development 53(2),
doi:10.1147/JRD.2009.5429045.
Kenneth J. Biba (1977):
Integrity Considerations for Secure Computer Systems.
Technical Report.
The MITRE Corporation.
Matthew A. Bishop (2002):
The Art and Science of Computer Security.
Addison-Wesley.
D. F. C. Brewer & Michael J. Nash (1989):
The Chinese Wall Security Policy.
In: Security and Privacy.
IEEE Computer Society,
pp. 206–214,
doi:10.1109/SECPRI.1989.36295.
D. D. Clark & D. R. Wilson (1987):
A Comparison of Commercial and Military Computer Security Policies.
In: Security and Privacy.
IEEE Computer Society,
pp. 184–195,
doi:10.1109/SP.1987.10001.
Nicodemos Damianou, Naranker Dulay, Emil Lupu & Morris Sloman (2001):
The Ponder Policy Specification Language.
In: POLICY,
LNCS 1995.
Springer,
pp. 18–38,
doi:10.1007/3-540-44569-2_2.
David Ferraiolo & Richard Kuhn (1992):
Role-Based Access Control.
In: NIST-NCSC,
pp. 554–563.
Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyerovich & Michael C. Tschantz (2005):
Verification and change-impact analysis of access-control policies.
In: ICSE.
ACM,
pp. 196–205,
doi:10.1145/1062455.1062502.
G. Scott Graham & Peter J. Denning (1972):
Protection: Principles and Practice.
In: AFIPS.
ACM,
pp. 417–429,
doi:10.1145/1478873.1478928.
Marco Guarnieri, Mario Arrigoni Neri, Eros Magri & Simone Mutti (2013):
On the notion of redundancy in access control policies.
In: SACMAT.
ACM,
pp. 161–172,
doi:10.1145/2462410.2462426.
Sushil Jajodia, Pierangela Samarati & V. S. Subrahmanian (1997):
A Logical Language for Expressing Authorizations.
In: Security and Privacy.
IEEE Computer Society,
pp. 31–42,
doi:10.1109/SECPRI.1997.601312.
Xin Jin, Ram Krishnan & Ravi S. Sandhu (2012):
A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC.
In: DBSec.
Springer,
pp. 41–55,
doi:10.1007/978-3-642-31540-4_4.
Vladimir Kolovski, James A. Hendler & Bijan Parsia (2007):
Analyzing web access control policies.
In: WWW.
ACM,
pp. 677–686,
doi:10.1145/1242572.1242664.
Butler W. Lampson (1974):
Protection.
Operating Systems Review 8(1),
pp. 18–24,
doi:10.1145/775265.775268.
Aliaksandr Lazouski, Fabio Martinelli & Paolo Mori (2010):
Usage control in computer security: A survey.
Computer Science Review 4(2),
pp. 81–99,
doi:10.1016/j.cosrev.2010.02.002.
Andrea Margheri, Rosario Pugliese & Francesco Tiezzi (2015):
A Light Version of the FACPL Policy Language.
Technical Report.
Available at http://facpl.sourceforge.net/research/lightFACPLTR.pdf.
Leonardo Mendonça de Moura & Nikolaj Bjørner (2008):
Z3: An Efficient SMT Solver.
In: TACAS 2008.
Springer,
pp. 337–340,
doi:10.1007/978-3-540-78800-3_24.
Leonardo Mendonça de Moura & Nikolaj Bjørner (2011):
Satisfiability modulo theories: introduction and applications.
Commun. ACM 54(9),
pp. 69–77,
doi:10.1145/1995376.1995394.
NIST (2009):
A survey of access control models.
http://csrc.nist.gov/news_events/privilege-management-workshop/PvM-Model-Survey-Aug26-2009.pdf.
OASIS XACML TC (2013):
eXtensible Access Control Markup Language (XACML) version 3.0.
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml.
Ravi S. Sandhu (1993):
Lattice-Based Access Control Models.
IEEE Computer 26(11),
pp. 9–19,
doi:10.1109/2.241422.
Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein & Charles E. Youman (1996):
Role-Based Access Control Models.
IEEE Computer 29(2),
pp. 38–47,
doi:10.1109/2.485845.
Sabrina De Capitani di Vimercati, Sara Foresti & Pierangela Samarati (2008):
Recent Advances in Access Control.
In: Michael Gertz & Sushil Jajodia: Handbook of Database Security.
Springer,
pp. 1–26,
doi:10.1007/978-0-387-48533-1_1.