Relevant bibliographies by topics / Data access control policies

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Data access control policies'

Author: Grafiati
Published: 6 September 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Data access control policies.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Data access control policies"

1

Jain, Taniya. "Secure Big Data Access Control Policies for Cloud Computing Environment." International Journal of Innovative Research in Computer Science & Technology 5, no. 2 (March 31, 2017): 253–56. http://dx.doi.org/10.21276/ijircst.2017.5.2.8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Bouganim, Luc, Francois Dang Ngoc, and Philippe Pucheral. "Dynamic access-control policies on XML encrypted data." ACM Transactions on Information and System Security 10, no. 4 (January 2008): 1–37. http://dx.doi.org/10.1145/1284680.1284684.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Brewster, Christopher, Barry Nouwt, Stephan Raaijmakers, and Jack Verhoosel. "Ontology-based Access Control for FAIR Data." Data Intelligence 2, no. 1-2 (January 2020): 66–77. http://dx.doi.org/10.1162/dint_a_00029.

Full text
Abstract:
This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the “A” (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.
APA, Harvard, Vancouver, ISO, and other styles
4

Aziz, Benjamin. "Towards open data-driven evaluation of access control policies." Computer Standards & Interfaces 56 (February 2018): 13–26. http://dx.doi.org/10.1016/j.csi.2017.09.001.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Yaokumah, Winfred. "Modelling the Impact of Administrative Access Controls on Technical Access Control Measures." Information Resources Management Journal 30, no. 4 (October 2017): 53–70. http://dx.doi.org/10.4018/irmj.2017100104.

Full text
Abstract:
Almost all computing systems and applications in organizations include some form of access control mechanisms. Managing secure access to computing resources is an important but a challenging task, requiring both administrative and technical measures. This study examines the influence of administrative access control measures on technical access control mechanisms. Based on the four access control clauses defined by ISO/IEC27002, this study develops a model to empirically test the impact of access control policies on systems and applications control activities. The study employs Partial Least Square Structural Equation Modelling (PLS-SEM) to analyze data collected from 223 samples through a survey questionnaire. The results show that the greatest significant impact on applications and systems access control measures is through access control policies mediated by users' responsibilities and accountability and user access management activities. But the direct impact of access control policies on applications and systems access control measures is not significant.
APA, Harvard, Vancouver, ISO, and other styles
6

Pervez, Zeeshan, Asad Masood Khattak, Sungyoung Lee, Young-Koo Lee, and Eui-Nam Huh. "Oblivious access control policies for cloud based data sharing systems." Computing 94, no. 12 (August 21, 2012): 915–38. http://dx.doi.org/10.1007/s00607-012-0206-z.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Venkatesan, G., and K. Ambika. "Indexing Policies in Cloud Information Accountability for Data Sharing." Asian Journal of Computer Science and Technology 2, no. 1 (May 5, 2013): 22–27. http://dx.doi.org/10.51983/ajcst-2013.2.1.1712.

Full text
Abstract:
Indexing Policies in Cloud Information Accountability for Data Sharing presents a new way to supplement the current consumption and delivery model for IT services based on the Internet, by providing for dynamically scalable and often virtualized resources as a service over the Internet. Here, User Control Policies files and Access control policies files are indexed, and then only we can search the particular file easily. Cloud Information Accountability (CIA) framework, based on the notion of information accountability. One of the main innovative features of the CIA framework lies in its ability of maintaining lightweight and powerful accountability that combines aspects of access control, usage control and authentication. By means of the CIA, data owners can track not only whether or not the service-level agreements are being honored, but also enforce access and usage control rules as needed.. Access control policies and user control policies are spread across the cloud within the control of Cloud Service provider, the new user can enter their authorized login and fetch needed files, when these files are indexed. The integrity checks and oblivious hashing (OH) technique to our system in order to strengthen the dependability of our system in case of compromised JRE and also I updated to log records structure to provide additional guarantees of integrity and authenticity.
APA, Harvard, Vancouver, ISO, and other styles
8

Liu, Gang, Guofang Zhang, Quan Wang, Shaomin Ji, and Lizhi Zhang. "Fine-grained access control method for private data in android system." International Journal of Distributed Sensor Networks 15, no. 3 (March 2019): 155014771984023. http://dx.doi.org/10.1177/1550147719840232.

Full text
Abstract:
In Android systems, sensitive information associated with system permission is exposed to the application completely once it gains the permission. To solve this problem, this article presents a fine-grained access control framework for sensitive information based on eXtensible Access Control Markup Language data flow model. In this framework, a user can define access policies for each application and resource and the application’s access request to sensitive information is evaluated by these policies. Therefore, all access requests must comply with the security policy irrespective of whether they have gained the permission associated with the information. This helps to protect sensitive data outside the Android permission mechanism. In order to facilitate users to manage policies, the proposed framework implements automatic policy generation and policy conflict detection functions. The framework is implemented in TaintDroid and experiments indicate that the improvement is effective in achieving fine-grained access control to sensitive information and does not adversely affect the system overhead costs.
APA, Harvard, Vancouver, ISO, and other styles
9

Sabitha, S., and M. S. Rajasree. "Access control based privacy preserving secure data sharing with hidden access policies in cloud." Journal of Systems Architecture 75 (April 2017): 50–58. http://dx.doi.org/10.1016/j.sysarc.2017.03.002.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Guo, Jinyi, Wei Ren, Yi Ren, and Tianqin Zhu. "A Watermark-Based in-Situ Access Control Model for Image Big Data." Future Internet 10, no. 8 (July 29, 2018): 69. http://dx.doi.org/10.3390/fi10080069.

Full text
Abstract:
When large images are used for big data analysis, they impose new challenges in protecting image privacy. For example, a geographic image may consist of several sensitive areas or layers. When it is uploaded into servers, the image will be accessed by diverse subjects. Traditional access control methods regulate access privileges to a single image, and their access control strategies are stored in servers, which imposes two shortcomings: (1) fine-grained access control is not guaranteed for areas/layers in a single image that need to maintain secret for different roles; and (2) access control policies that are stored in servers suffers from multiple attacks (e.g., transferring attacks). In this paper, we propose a novel watermark-based access control model in which access control policies are associated with objects being accessed (called an in-situ model). The proposed model integrates access control policies as watermarks within images, without relying on the availability of servers or connecting networks. The access control for images is still maintained even though images are redistributed again to further subjects. Therefore, access control policies can be delivered together with the big data of images. Moreover, we propose a hierarchical key-role-area model for fine-grained encryption, especially for large size images such as geographic maps. The extensive analysis justifies the security and performance of the proposed model
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Data access control policies"

1

Scheffler, Thomas. "Privacy enforcement with data owner-defined policies." Phd thesis, Universität Potsdam, 2013. http://opus.kobv.de/ubp/volltexte/2013/6793/.

Full text
Abstract:
This thesis proposes a privacy protection framework for the controlled distribution and use of personal private data. The framework is based on the idea that privacy policies can be set directly by the data owner and can be automatically enforced against the data user. Data privacy continues to be a very important topic, as our dependency on electronic communication maintains its current growth, and private data is shared between multiple devices, users and locations. The growing amount and the ubiquitous availability of personal private data increases the likelihood of data misuse. Early privacy protection techniques, such as anonymous email and payment systems have focused on data avoidance and anonymous use of services. They did not take into account that data sharing cannot be avoided when people participate in electronic communication scenarios that involve social interactions. This leads to a situation where data is shared widely and uncontrollably and in most cases the data owner has no control over further distribution and use of personal private data. Previous efforts to integrate privacy awareness into data processing workflows have focused on the extension of existing access control frameworks with privacy aware functions or have analysed specific individual problems such as the expressiveness of policy languages. So far, very few implementations of integrated privacy protection mechanisms exist and can be studied to prove their effectiveness for privacy protection. Second level issues that stem from practical application of the implemented mechanisms, such as usability, life-time data management and changes in trustworthiness have received very little attention so far, mainly because they require actual implementations to be studied. Most existing privacy protection schemes silently assume that it is the privilege of the data user to define the contract under which personal private data is released. Such an approach simplifies policy management and policy enforcement for the data user, but leaves the data owner with a binary decision to submit or withhold his or her personal data based on the provided policy. We wanted to empower the data owner to express his or her privacy preferences through privacy policies that follow the so-called Owner-Retained Access Control (ORAC) model. ORAC has been proposed by McCollum, et al. as an alternate access control mechanism that leaves the authority over access decisions by the originator of the data. The data owner is given control over the release policy for his or her personal data, and he or she can set permissions or restrictions according to individually perceived trust values. Such a policy needs to be expressed in a coherent way and must allow the deterministic policy evaluation by different entities. The privacy policy also needs to be communicated from the data owner to the data user, so that it can be enforced. Data and policy are stored together as a Protected Data Object that follows the Sticky Policy paradigm as defined by Mont, et al. and others. We developed a unique policy combination approach that takes usability aspects for the creation and maintenance of policies into consideration. Our privacy policy consists of three parts: A Default Policy provides basic privacy protection if no specific rules have been entered by the data owner. An Owner Policy part allows the customisation of the default policy by the data owner. And a so-called Safety Policy guarantees that the data owner cannot specify disadvantageous policies, which, for example, exclude him or her from further access to the private data. The combined evaluation of these three policy-parts yields the necessary access decision. The automatic enforcement of privacy policies in our protection framework is supported by a reference monitor implementation. We started our work with the development of a client-side protection mechanism that allows the enforcement of data-use restrictions after private data has been released to the data user. The client-side enforcement component for data-use policies is based on a modified Java Security Framework. Privacy policies are translated into corresponding Java permissions that can be automatically enforced by the Java Security Manager. When we later extended our work to implement server-side protection mechanisms, we found several drawbacks for the privacy enforcement through the Java Security Framework. We solved this problem by extending our reference monitor design to use Aspect-Oriented Programming (AOP) and the Java Reflection API to intercept data accesses in existing applications and provide a way to enforce data owner-defined privacy policies for business applications.
Im Rahmen der Dissertation wurde ein Framework für die Durchsetzung von Richtlinien zum Schutz privater Daten geschaffen, welches darauf setzt, dass diese Richtlinien oder Policies direkt von den Eigentümern der Daten erstellt werden und automatisiert durchsetzbar sind. Der Schutz privater Daten ist ein sehr wichtiges Thema im Bereich der elektronischen Kommunikation, welches durch die fortschreitende Gerätevernetzung und die Verfügbarkeit und Nutzung privater Daten in Onlinediensten noch an Bedeutung gewinnt. In der Vergangenheit wurden verschiedene Techniken für den Schutz privater Daten entwickelt: so genannte Privacy Enhancing Technologies. Viele dieser Technologien arbeiten nach dem Prinzip der Datensparsamkeit und der Anonymisierung und stehen damit der modernen Netznutzung in Sozialen Medien entgegen. Das führt zu der Situation, dass private Daten umfassend verteilt und genutzt werden, ohne dass der Datenbesitzer gezielte Kontrolle über die Verteilung und Nutzung seiner privaten Daten ausüben kann. Existierende richtlinienbasiert Datenschutztechniken gehen in der Regel davon aus, dass der Nutzer und nicht der Eigentümer der Daten die Richtlinien für den Umgang mit privaten Daten vorgibt. Dieser Ansatz vereinfacht das Management und die Durchsetzung der Zugriffsbeschränkungen für den Datennutzer, lässt dem Datenbesitzer aber nur die Alternative den Richtlinien des Datennutzers zuzustimmen, oder keine Daten weiterzugeben. Es war daher unser Ansatz die Interessen des Datenbesitzers durch die Möglichkeit der Formulierung eigener Richtlinien zu stärken. Das dabei verwendete Modell zur Zugriffskontrolle wird auch als Owner-Retained Access Control (ORAC) bezeichnet und wurde 1990 von McCollum u.a. formuliert. Das Grundprinzip dieses Modells besteht darin, dass die Autorität über Zugriffsentscheidungen stets beim Urheber der Daten verbleibt. Aus diesem Ansatz ergeben sich zwei Herausforderungen. Zum einen muss der Besitzer der Daten, der Data Owner, in die Lage versetzt werden, aussagekräftige und korrekte Richtlinien für den Umgang mit seinen Daten formulieren zu können. Da es sich dabei um normale Computernutzer handelt, muss davon ausgegangen werden, dass diese Personen auch Fehler bei der Richtlinienerstellung machen. Wir haben dieses Problem dadurch gelöst, dass wir die Datenschutzrichtlinien in drei separate Bereiche mit unterschiedlicher Priorität aufteilen. Der Bereich mit der niedrigsten Priorität definiert grundlegende Schutzeigenschaften. Der Dateneigentümer kann diese Eigenschaften durch eigene Regeln mittlerer Priorität überschrieben. Darüber hinaus sorgt ein Bereich mit Sicherheitsrichtlinien hoher Priorität dafür, dass bestimmte Zugriffsrechte immer gewahrt bleiben. Die zweite Herausforderung besteht in der gezielten Kommunikation der Richtlinien und deren Durchsetzung gegenüber dem Datennutzer (auch als Data User bezeichnet). Um die Richtlinien dem Datennutzer bekannt zu machen, verwenden wir so genannte Sticky Policies. Das bedeutet, dass wir die Richtlinien über eine geeignete Kodierung an die zu schützenden Daten anhängen, so dass jederzeit darauf Bezug genommen werden kann und auch bei der Verteilung der Daten die Datenschutzanforderungen der Besitzer erhalten bleiben. Für die Durchsetzung der Richtlinien auf dem System des Datennutzers haben wir zwei verschiedene Ansätze entwickelt. Wir haben einen so genannten Reference Monitor entwickelt, welcher jeglichen Zugriff auf die privaten Daten kontrolliert und anhand der in der Sticky Policy gespeicherten Regeln entscheidet, ob der Datennutzer den Zugriff auf diese Daten erhält oder nicht. Dieser Reference Monitor wurde zum einen als Client-seitigen Lösung implementiert, die auf dem Sicherheitskonzept der Programmiersprache Java aufsetzt. Zum anderen wurde auch eine Lösung für Server entwickelt, welche mit Hilfe der Aspekt-orientierten Programmierung den Zugriff auf bestimmte Methoden eines Programms kontrollieren kann. In dem Client-seitigen Referenzmonitor werden Privacy Policies in Java Permissions übersetzt und automatisiert durch den Java Security Manager gegenüber beliebigen Applikationen durchgesetzt. Da dieser Ansatz beim Zugriff auf Daten mit anderer Privacy Policy den Neustart der Applikation erfordert, wurde für den Server-seitigen Referenzmonitor ein anderer Ansatz gewählt. Mit Hilfe der Java Reflection API und Methoden der Aspektorientierten Programmierung gelang es Datenzugriffe in existierenden Applikationen abzufangen und erst nach Prüfung der Datenschutzrichtlinie den Zugriff zuzulassen oder zu verbieten. Beide Lösungen wurden auf ihre Leistungsfähigkeit getestet und stellen eine Erweiterung der bisher bekannten Techniken zum Schutz privater Daten dar.
APA, Harvard, Vancouver, ISO, and other styles
2

Salim, Farzad. "Detecting and resolving redundancies in EP3P policies." Thesis, Faculty of Computer Science and Software Engineering, University of Wollongong, 2006. https://eprints.qut.edu.au/28175/1/c28175.pdf.

Full text
Abstract:
Current regulatory requirements on data privacy make it increasingly important for enterprises to be able to verify and audit their compliance with their privacy policies. Traditionally, a privacy policy is written in a natural language. Such policies inherit the potential ambiguity, inconsistency and mis-interpretation of natural text. Hence, formal languages are emerging to allow a precise specification of enforceable privacy policies that can be verified. The EP3P language is one such formal language. An EP3P privacy policy of an enterprise consists of many rules. Given the semantics of the language, there may exist some rules in the ruleset which can never be used, these rules are referred to as redundant rules. Redundancies adversely affect privacy policies in several ways. Firstly, redundant rules reduce the efficiency of operations on privacy policies. Secondly, they may misdirect the policy auditor when determining the outcome of a policy. Therefore, in order to address these deficiencies it is important to identify and resolve redundancies. This thesis introduces the concept of minimal privacy policy - a policy that is free of redundancy. The essential component for maintaining the minimality of privacy policies is to determine the effects of the rules on each other. Hence, redundancy detection and resolution frameworks are proposed. Pair-wise redundancy detection is the central concept in these frameworks and it suggests a pair-wise comparison of the rules in order to detect redundancies. In addition, the thesis introduces a policy management tool that assists policy auditors in performing several operations on an EP3P privacy policy while maintaining its minimality. Formal results comparing alternative notions of redundancy, and how this would affect the tool, are also presented.
APA, Harvard, Vancouver, ISO, and other styles
3

Shi, Leilei. "Authoring access control policies with controlled natural language." Thesis, University of Kent, 2011. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.590001.

Full text
Abstract:
This thesis is based on the research carried out under the EPSRC-funded EEAP project and the EC-funded TAS3 project. The research aimed to develop a technique enabling users to write access control policies in natural language. One of the main intentions of the research was to help non- technical users overcome the difficulty of understanding the security policy authoring within computer languages. Policies are relatively easy for humans to specify in natural language, but are much more difficult for them to specify in computer based languages e.g. XML. Consequently humans usually need some sort of Human Computer Interface (HCI) in order to ease the task of policy specification. The usual solution to this problem is to devise a Graphical User Interface (GUI) that is relatively easy for humans to use, and that is capable of converting the chosen icons, menu items and entered text strings into the computer based policy language. However, users still have to learn how to use the GUI, and this can be difficult for them, especially for novice users. This thesis describes the research that was performed in order to allow human I users to specify access control policies using a subset of English called Controlled Natural Language (CNL). The CNL was designed for the task of authoring access control policies based on the Role Based Access Control (RBAC) model, with enhancements for a distributed environment. An ontology was made as a common representation of policies from different languages. As the result of the research, the author has designed and implemented an interface enabling users to author access control policies in the CNL. The policy in CNL can be converted to a policy in one of several machine language formats, so that it can be automatically enforced by a Policy Enforcement Point (PEP) and Policy Decision Point (PDP). The design is modular and a set of APIs have been specified, so that new modules can be added or existing modules can be extended in functionality or replaced.
APA, Harvard, Vancouver, ISO, and other styles
4

Zhang, Nan. "Generating verified access control policies through model-checking." Thesis, University of Birmingham, 2005. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.433707.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Slaymaker, Mark Arthur. "The formalisation and transformation of access control policies." Thesis, University of Oxford, 2011. http://ora.ox.ac.uk/objects/uuid:179cd9d2-0547-42b7-84a0-690bc4478bfb.

Full text
Abstract:
Increasing amounts of data are being collected and stored relating to every aspect of an individual's life, ranging from shopping habits to medical conditions. This data is increasingly being shared for a variety of reasons, from providing vast quantities of data to validate the latest medical hypothesis, to supporting companies in targeting advertising and promotions to individuals that fit a certain profile. In such cases, the data being used often comes from multiple sources --- with each of the contributing parties owning, and being legally responsible for, their own data. Within such models of collaboration, access control becomes important to each of the individual data owners. Although they wish to share data and benefit from information that others have provided, they do not wish to give away the entirety of their own data. Rather, they wish to use access control policies that give them control over which aspects of the data can be seen by particular individuals and groups. Each data owner will have access control policies that are carefully crafted and understood --- defined in terms of the access control representation that they use, which may be very different from the model of access control utilised by other data owners or by the technology facilitating the data sharing. Achieving interoperability in such circumstances would typically require the rewriting of the policies into a uniform or standard representation --- which may give rise to the need to embrace a new access control representation and/or the utilisation of a manual, error-prone, translation. In this thesis we propose an alternative approach, which embraces heterogeneity, and establishes a framework for automatic transformations of access control policies. This has the benefit of allowing data owners to continue to use their access control paradigm of choice. Of course, it is important that the data owners have some confidence in the fact that the new, transformed, access control policy representation accurately reflects their intentions. To this end, the use of tools for formal modelling and analysis allows us to reason about the translation, and demonstrate that the policies expressed in both representations are equivalent under access control requests; that is, for any given request both access control mechanisms will give an equivalent access decision. For the general case, we might propose a standard intermediate access control representation with transformations to and from each access control policy language of interest. However, for the purpose of this thesis, we have chosen to model the translation between role-based access control (RBAC) and the XML-based policy language, XACML, as a proof of concept of our approach. In addition to the formal models of the access control mechanisms and the translation, we provide, by way of a case study, an example of an implementation which performs the translation. The contributions of this thesis are as follows. First, we propose an approach to resolving issues of authorisation heterogeneity within distributed contexts, with the requirements being derived from nearly eight years of work in developing secure, distributed systems. Our second contribution is the formal description of two popular approaches to access control: RBAC and XACML. Our third contribution is the development of an Alloy model of our transformation process. Finally, we have developed an application that validates our approach, and supports the transformation process by allowing policy writers to state, with confidence, that two different representations of the same policy are equivalent.
APA, Harvard, Vancouver, ISO, and other styles
6

Steffinlongo, Enrico <1987&gt. "Efficient security analysis of administrative access control policies." Doctoral thesis, Università Ca' Foscari Venezia, 2017. http://hdl.handle.net/10579/12917.

Full text
Abstract:
In recent years access control has been a crucial aspect of computer systems, since it is the component responsible for giving users specific permissions enforcing a administrator-defined policy. This lead to the formation of a wide literature proposing and implementing access control models reflecting different system perspectives. Moreover, many analysis techniques have been developed with special attention to scalability, since many security properties have been proved hard to verify. In this setting the presented work provides two main contributions. In the first, we study the security of workflow systems built on top of an attribute-based access control in the case of collusion of multiples users. We define a formal model for an ARBAC based workflow system and we state a notion of security against collusion. Furthermore we propose a scalable static analysis technique for proving the security of a workflow. Finally we implement it in a prototype tool showing its effectiveness. In the second contribution, we propose a new model of administrative attribute-based access control (AABAC) where administrative actions are enabled by boolean expressions predicating on user attributes values. Subsequently we introduce two static analysis techniques for the verification of reachability problem: one precise, but bounded, and one over-approximated. We also give a set of pruning rules in order to reduce the size of the problem increasing scalability of the analysis. Finally, we implement the analysis in a tool and we show its effectiveness on several realistic case studies.
APA, Harvard, Vancouver, ISO, and other styles
7

Munari, Andrea. "Cooperative Medium Access Control Policies in Wireless Networks." Doctoral thesis, Università degli studi di Padova, 2010. http://hdl.handle.net/11577/3421552.

Full text
Abstract:
Broadly speaking, wireless ad hoc networks are permeated by cooperative behaviors. In such systems, indeed, nodes have to continuously pool their resources to achieve goals that are of general interest, such as routing packets towards a destination that would otherwise be out of reach for an information source, or coordinating medium access so as to successfully share a common spectrum. Recently, however, the idea of collaboration has gathered a renewed and increasing deal of attention in the research community thanks to the development of innovative concepts, most notably the idea of cooperative relaying, that have been shown to unleash significant improvements, going beyond some intrinsic limitations that affect wireless communications systems. While these emerging solutions have been thoroughly studied from a theoretical perspective, the advantages they offer can be reaped in real world implementations only if additional coordination among nodes is provided, so that cooperating terminals are allowed to offer their help obeying the rules that control medium access, and without disrupting the normal activity of the network. Along this line of reasoning, this thesis focuses on the design and study of link layers that implement cooperation in ad hoc networks. The contribution of our work is twofold. On the one hand, we introduce novel and beneficial collaborative strategies, while on the other hand we investigate how the intrinsic nature of different medium access control policies can be more or less beneficial to cooperative behaviors. In the first part, we present an innovative approach to cooperation in networks with multi-antenna equipped nodes that rely on directional transmissions and receptions. Our solution proposes terminals to share information on ongoing communications to better coordinate medium access at the link layer, and manages to overcome issues such as node deafness that typically hamper the potential of large scale directional wireless systems. The central part of this work, conversely, concentrates on the simpler ad hoc scenario where omnidirectional communications are in place, and tackles some inefficiencies of the cooperative relaying paradigm. In particular, we introduce the novel concept of hybrid cooperative-network coded ARQ, which allows a relay to code data of its own together with a corrupted packet during a retransmission at no additional cost in terms of bandwidth. Such a solution encourages nodes to cooperate, since they are offered the possibility to pursue a goal of their interest while helping surrounding terminals. Moreover, the capability of exploiting retransmissions to serve additional traffic, achieved by smartly taking advantage of network coding techniques, triggers beneficial effects also at a network level in terms of sustainable throughput and reduced congestion. The potential of the proposed approach is first investigated by means of mathematical analysis, while subsequently extensive simulation campaigns test the effectiveness of link layers that implement it in a variety of networking environments. Taking the cue from a reasoned comparison of the results achieved by relaying schemes in different scenarios, we devote the final part of the thesis to the investigation of the impact that distinct spectrum control policies can have on collaborative behaviors. Combining once again mathematical analysis and simulations, we consider how the characteristics of completely distributed, e.g., carrier sense based, and centralized, e.g., time division based, systems influence the effectiveness of a given cooperative strategy. Not only does our study shed light on the relations that exist between cooperation and medium access, but also it provides important hints on how to efficiently design link layers capable of supporting such techniques. Finally, the appendix of this thesis reports the outcome of a research activity, carried out in collaboration with the IBM Zurich Research Laboratory (Switzerland), whose focus falls out of the topic of cooperative link layers and covers the design of energy-efficient routing protocols for wireless sensor networks.
Le reti wireless ad hoc presentano in generale moltissimi comportamenti di natura cooperativa, nei quali i nodi condividono le loro risorse per perseguire un interesse di utilità comune. Basti pensare, in tal senso, alle procedure di routing per la consegna di traffico multihop, o allo scambio di informazioni tra terminali necessario per riuscire a gestire in modo efficace uno spettro condiviso. Recentemente, inoltre, è progressivamente emerso un rinnovato e crescente interesse nella comunità di ricerca per il concetto di collaborazione tra nodi, grazie allo sviluppo di nuovi paradigmi, tra i quali in primis l'idea del relaying cooperativo, che si sono dimostrati in grado di mitigare brillantemente alcuni problemi tipici dei sistemi wireless, rendendo possibili significativi miglioramenti delle prestazioni. Sebbene tali soluzioni innovative siano state oggetto di notevole attenzione in letteratura, gli studi su di esse si sono concentrati principalmente su trattazioni di natura analitica, atte a dimostrarne le potenzialità e i vantaggi nell'ottica della teoria dell'informazione. Approcci di questo tipo tendono chiaramente a considerare, ai fini della trattabilità matematica, topologie semplificate quali reti a tre soli nodi, e spesso assumono un accesso al mezzo idealizzato. Nel momento in cui queste idee vogliano essere implementate in scenari reali, tuttavia, si rende necessario un profondo raffinamento della coordinazione a livello di rete, dal momento che i nodi cooperanti devono comunque sottostare alle regole che caratterizzano la gestione del canale (link layer), di modo da offrire il loro contributo senza ostacolare la normale attività della rete. Prendendo spunto da tale riflessione, questa tesi si concentra sulla definizione e l'analisi di link layer che implementino soluzioni cooperative in reti ad hoc. Due sono i principali contributi del lavoro. Se da un lato, infatti, sono introdotti paradigmi innovativi ed efficaci, dall'altro viene presentato uno studio articolato e completo su come diverse politiche di accesso al mezzo possano influenzare tali comportamenti cooperativi. La prima parte della tesi si focalizza sullo sviluppo di un nuovo approccio collaborativo per reti i cui terminali, dotati di sistemi multiantenna, siano in grado di effettuare trasmissioni e ricezioni direzionali. L'idea proposta prevede che i nodi condividano, tramite scambio di brevi pacchetti di controllo, informazioni sulle comunicazioni attive di cui sono a conoscenza, per poter favorire la maggior distribuzione possibilie di una percezione corretta dello stato del sistema al fine di garantire una migliore coordinazione nell'accesso al mezzo. Studi dedicati dimostrano come tale soluzione sia in grado di superare problemi, quali la sordità di nodo (deafness), che spesso limitano l'efficacia delle trasmissioni direzionali in reti con numero elevato di dispositivi, portando a importanti guadagni in termini di prestazione complessive. La parte centrale del lavoro, al contrario, prende in considerazione reti ad hoc con comunicazioni omnidirezionali, e affronta alcune inefficienze che caratterizzano il paradigma di relaying cooperativo. In particolare, viene introdotto per la prima volta il concetto innovativo di ARQ ibrido cooperativo-network coded, che permette a nodi che agiscano da relay di utilizzare le ritrasmissione di un pacchetto in vece di una sorgente, non in grado di consegnarlo, al fine di servire anche del proprio traffico. Tale approccio, a differenza del comportamento puramente altruistico richiesto dal relaying semplice, incoraggia i terminali a cooperare, offrendo loro la possibilità di perseguire un loro interesse contingente nell'atto stesso di aiutare altri nodi in difficoltà. Inoltre, la capacità di sfruttare il meccanismo di ritrasmissione per servire traffico addizionale, resa possibile dall'utilizzo di tecniche di combinazione lineare sui dati caratteristiche del network coding, getta le basi per benefici anche a livello di rete, quali un incremento del throughput sostenibile e una riduzione della congestione nell'utilizzo della banda. Le potenzialità della soluzione identificata sono dapprima studiate per mezzo di modelli matematici, seguendo le modalità tipicamente riscontrabili in letteratura. Successivamente sono proposti l'implementazione e lo studio simulativo di diversi link layer in grado di supportare tale forma di ARQ ibrido in contesti differenti, quali reti completamente distribuite e reti maggiormente strutturate. Traendo spunto da un confronto ragionato dei risultati ottenibili da schemi di relaying in scenari di rete diversi, la parte finale di questa tesi è dedicata alla discussione dell'impatto che politiche di accesso al mezzo distinte possono avere su comportamenti di natura cooperativa. Combinando ancora una volta analisi matematica e studi simulativi, viene affrontato il problema di come le caratteristiche intrinseche di sistemi basati su carrier sensing e su condivisione del mezzo a multiplazione di tempo influenzino l'efficacia di meccanismi di collaborazione tra nodi. Le osservazioni ottenute tramite questo approccio non solo mettono in luce la stretta relazione esistente tra politiche di gestione dello spettro e cooperazione, ma al tempo stesso forniscono importanti suggerimenti sulla progettazione di link layer in grado di supportare in modo efficace tali strategie. In appendice, infine, vengono riportati i risultati di attività di ricerca svolte in collaborazione con i laboratori di ricerca IBM di Zurigo (Svizzera) e incentrate su tematiche che si discostano leggermente dal fulcro della tesi, quali la progettazione di teniche di routing per reti wireless di sensori, con particolare attenzione all'efficienza energetica.
APA, Harvard, Vancouver, ISO, and other styles
8

Kolovski, Vladimir. "A logic-based framework for Web access control policies." College Park, Md. : University of Maryland, 2008. http://hdl.handle.net/1903/8180.

Full text
Abstract:
Thesis (Ph. D.) -- University of Maryland, College Park, 2008.
Thesis research directed by: Dept. of Computer Science. Title from t.p. of PDF. Includes bibliographical references. Published by UMI Dissertation Services, Ann Arbor, Mich. Also available in paper.
APA, Harvard, Vancouver, ISO, and other styles
9

May, Brian 1975. "Scalable access control." Monash University, School of Computer Science and Software, 2001. http://arrow.monash.edu.au/hdl/1959.1/8043.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Ferreira, Ana. "Modelling access control for healthcare information systems : how to control access through policies, human processes and legislation." Thesis, University of Kent, 2010. https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.529399.

Full text
Abstract:
The introduction of Electronic Medical Records (EMR) within healthcare organizations has the main goal of integrating heterogeneous patient information that is usually scattered over different locations. However, there are some barriers that impede the effective integration of EMR within the healthcare practice (e.g., educational, time/costs, security). A focus in improving access control definition and implementation is fundamental to define proper system workflow and access. The main objectives of this research are: to involve end users in the definition of access control rules; to determine which access control rules are important to those users; to define an access control model that can model these rules; and to implement and evaluate this model. Technical, methodological and legislative reviews were conducted on access control both in general and the healthcare domain. Grounded theory was used together with mixed methods to gather users experiences and needs regarding access control. Focus groups (main qualitative method) followed by structured questionnaires (secondary quantitative method) were applied to the healthcare professionals whilst structured telephone interviews were applied to the patients. A list of access control rules together with the new Break-The-Glass (BTG) RBAC model were developed. A prototype together with a pilot case study was implemented in order to test and evaluate the new model. A research process was developed during this work that allows translating access control procedures in healthcare, from legislation to practice, in a systematic and objective way. With access controls closer to the healthcare practice, educational, time/costs and security barriers of EMR integration can be minimized. This is achieved by: reducing the time needed to learn, use and alter the system; allowing unanticipated or emergency situations to be tackled in a controlled manner (BTG) and reducing unauthorized and non-justified accesses. All this helps to achieve a faster and safer patient treatment.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Data access control policies"

1

Amatayakul, Margaret K. The no-hassle guide to EHR policies. Marblehead, MA: HCPro, 2006.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Wood, Charles Cresson. Information security policies made easy: A comprehensive set of information security policies : version 8. Sausalito, Calif: InfoSecurity Infrastructure, 2001.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

Wood, Charles Cresson. Information security policies made easy: A comprehensive set of information security policies : version 5. Sausalito, Ca: Baseline Software, 1996.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Wood, Charles Cresson. Information security policies made easy: A comprehensive set of information security policies : version 7. Sausalito, Calif: Baseline Software, 1999.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Hsiao, David K. An object-oriented approach to security policies and their access controls for database management. Monterey, Calif: Naval Postgraduate School, 1991.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Miyashita, Hiroshi. Kojin jōhō hogo no shisaku: Policies on the protection of personal information : kajō hannō no kaishō ni mukete. Tōkyō: Chōyōkai, 2010.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Neale, Hooper, ed. Open access policies, practices and licensing: A review of the literature in Australia and selected jurisdictions. Brisbane: Queensland University of Technology, 2009.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Justitiedepartementet, Sweden. Två frågor om sekretess hos Säkerhetspolisen. Stockholm]: Regeringskansliet, Justitiedepartementet, 2001.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

P. J. D. J. Muijen. Handleiding politie & privacy: De betekenis van de Wet Persoonsregistraties en de Wet Politieregisters voor de politiepraktijk. Lochem: Van den Brink, 1991.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Belair, Robert R. Criminal justice information policy: Data quality of criminal history records. Washington, D.C: U.S. Dept. of Justice, Bureau of Justice Statistics, 1985.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Data access control policies"

1

Truong, Anh. "Adventures in the Analysis of Access Control Policies." In Future Data and Security Engineering, 467–82. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-35653-8_31.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Agoun, Juba, and Mohand-Saïd Hacid. "Data Sharing in Presence of Access Control Policies." In Lecture Notes in Computer Science, 301–9. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-33246-4_19.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Jung, Christian, and Jörg Dörr. "Data Usage Control." In Designing Data Spaces, 129–46. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-93975-5_8.

Full text
Abstract:
AbstractData-driven business models are based on sharing and exchanging data. However, to establish a trustworthy and secure data exchange between different organizations, we have to tackle several challenges. Data sovereignty, for instance, is an essential prerequisite to empower data-driven business models across different organizations. The International Data Spaces provide solutions for data sovereignty to implement a secure and trustworthy data economy.In this chapter, we focus on data usage control and data provenance as building blocks to solve data sovereignty challenges. We introduce concepts and technology for realizing usage control and describe the differences between usage control and access control as well as other related concepts such as digital rights management or user managed access. We present the implementation of data sovereignty in the International Data Spaces starting from the formalization of data usage restrictions as policies (i.e., the policy specification) to the technical compliance and adherence of the data usage restrictions (i.e., the policy enforcement). In doing so, we present the transformation of data usage restrictions to machine-readable policies that can be enforced by the systems. Different technologies, such as the MY DATA Control Technologies can be used to implement the enforcement of data sovereignty in a technical manner and discuss future expansion stages of implementing data sovereignty.
APA, Harvard, Vancouver, ISO, and other styles
4

Truong, Anh, Silvio Ranise, and Thanh Tung Nguyen. "Scalable Automated Analysis of Access Control and Privacy Policies." In Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXVI, 142–71. Berlin, Heidelberg: Springer Berlin Heidelberg, 2017. http://dx.doi.org/10.1007/978-3-662-56266-6_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Bui, Thang, Scott D. Stoller, and Shikhar Sharma. "Fast Distributed Evaluation of Stateful Attribute-Based Access Control Policies." In Data and Applications Security and Privacy XXXI, 101–19. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-61176-1_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Jbali, Adel, and Salma Sassi. "Access Control Policies for Relational Databases in Data Exchange Process." In Lecture Notes in Computer Science, 264–71. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-64468-4_20.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Ardagna, Claudio Agostino, Sabrina De Capitani di Vimercati, and Pierangela Samarati. "Privacy Models and Languages: Access Control and Data Handling Policies." In Digital Privacy, 309–29. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-19050-6_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Dinh, Khai Kim Quoc, Tuan Duc Tran, and Anh Truong. "Security Analysis of Administrative Role-Based Access Control Policies with Contextual Information." In Future Data and Security Engineering, 243–61. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-70004-5_17.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Anwar, Mohd, Philip W. L. Fong, Xue-Dong Yang, and Howard Hamilton. "Visualizing Privacy Implications of Access Control Policies in Social Network Systems." In Data Privacy Management and Autonomous Spontaneous Security, 106–20. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-11207-2_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Ferrara, Anna Lisa, Anna Squicciarini, Cong Liao, and Truc L. Nguyen. "Toward Group-Based User-Attribute Policies in Azure-Like Access Control Systems." In Data and Applications Security and Privacy XXXI, 349–61. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-61176-1_20.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Data access control policies"

1

Li, Fenghua, Zifu Li, Weili Han, Ting Wu, Lihua Chen, and Yunchuan Guo. "Cyberspace-Oriented Access Control: Model and Policies." In 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). IEEE, 2017. http://dx.doi.org/10.1109/dsc.2017.100.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Tourani, Parastou, Mohammad Ali Hadavi, and Rasool Jalili. "Access control enforcement on outsourced data ensuring privacy of access control policies." In Simulation (HPCS). IEEE, 2011. http://dx.doi.org/10.1109/hpcsim.2011.5999865.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Masoumzadeh, Amirreza. "Security Analysis of Relationship-Based Access Control Policies." In CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy. New York, NY, USA: ACM, 2018. http://dx.doi.org/10.1145/3176258.3176323.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Leighton, Gregory. "Preserving SQL access control policies over published XML data." In the 2009 EDBT/ICDT Workshops. New York, New York, USA: ACM Press, 2009. http://dx.doi.org/10.1145/1698790.1698820.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Karimi, Leila, and James Joshi. "An Unsupervised Learning Based Approach for Mining Attribute Based Access Control Policies." In 2018 IEEE International Conference on Big Data (Big Data). IEEE, 2018. http://dx.doi.org/10.1109/bigdata.2018.8622037.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Shaikh, Riaz Ahmed, Kamel Adi, Luigi Logrippo, and Serge Mankovski. "Detecting incompleteness in access control policies using data classification schemes." In 2010 Fifth International Conference on Digital Information Management (ICDIM). IEEE, 2010. http://dx.doi.org/10.1109/icdim.2010.5664664.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Soltani, Naeimeh, and Rasool Jalili. "Enforcing Access Control Policies over Data Stored on Untrusted Server." In 2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC). IEEE, 2017. http://dx.doi.org/10.1109/iscisc.2017.8488365.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Atlam, Hany F., Madini O. Alassafi, Ahmed Alenezi, Robert J. Walters, and Gary B. Wills. "XACML for Building Access Control Policies in Internet of Things." In 3rd International Conference on Internet of Things, Big Data and Security. SCITEPRESS - Science and Technology Publications, 2018. http://dx.doi.org/10.5220/0006725102530260.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Laassiri, Jalal, and Yousra Hafid. "New access control policies for private network and protocol security." In BDCA'17: 2nd international Conference on Big Data, Cloud and Applications. New York, NY, USA: ACM, 2017. http://dx.doi.org/10.1145/3090354.3090421.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Tusing, Nathan, and Richard Brooks. "Access Control Requirements for Autonomous Robotic Fleets." In WCX SAE World Congress Experience. 400 Commonwealth Drive, Warrendale, PA, United States: SAE International, 2023. http://dx.doi.org/10.4271/2023-01-0104.

Full text
Abstract:
<div class="section abstract"><div class="htmlview paragraph">Access control enforces security policies for controlling critical resources. For V2X (Vehicle to Everything) autonomous military vehicle fleets, network middleware systems such as ROS (Robotic Operating System) expose system resources through networked publisher/subscriber and client/server paradigms. Without proper access control, these systems are vulnerable to attacks from compromised network nodes, which may perform data poisoning attacks, flood packets on a network, or attempt to gain lateral control of other resources. Access control for robotic middleware systems has been investigated in both ROS1 and ROS2. Still, these implementations do not have mechanisms for evaluating a policy's consistency and completeness or writing expressive policies for distributed fleets. We explore an RBAC (Role-Based Access Control) mechanism layered onto ROS environments that uses local permission caches with precomputed truth tables for fast policy evaluation. To demonstrate the features, we will compare policy outputs against SROS (Secure ROS) policies and test our approach against simulated malicious adversaries with penetration testing and fuzzing techniques.</div></div>
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Data access control policies"

1

Bharadwaj, Vijay G., and John S. Baras. Negotiating Access Control Policies Between Autonomous Domains. Fort Belvoir, VA: Defense Technical Information Center, January 2002. http://dx.doi.org/10.21236/ada439714.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Dinkel, Charles. Secure data network system (SDNS) access control documents. Gaithersburg, MD: National Institute of Standards and Technology, 1990. http://dx.doi.org/10.6028/nist.ir.90-4259.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Zheng, G. A YANG Data Model for Terminal Access Controller Access-Control System Plus (TACACS+). Edited by B. Wu and M. Wang. RFC Editor, August 2021. http://dx.doi.org/10.17487/rfc9105.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Jethanandani, M., S. Agarwal, L. Huang, and D. Blair. YANG Data Model for Network Access Control Lists (ACLs). RFC Editor, March 2019. http://dx.doi.org/10.17487/rfc8519.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Taylor, Shawna, Jake Carlson, Joel Herndon, Alicia Hofelich Mohr, Wendy Kozlowski, Jennifer Moore, Jonathan Petters, and Cynthia Hudson Vitale. Public Access Data Management and Sharing Activities for Academic Administration and Researchers. Association of Research Libraries, November 2022. http://dx.doi.org/10.29242/report.rads2022.

Full text
Abstract:
The Realities of Academic Data Sharing (RADS) Initiative’s public-access data management and sharing (DMS) activities are the result of categorizing services and support across the institution that are likely needed to make public access to research data available. The RADS project team categorized these activities by life-cycle phases for public access to research data, and used the activities in RADS surveys of publicly funded campus researchers and institutional administrators whose departments likely provide support in these areas. The result of categorizing and defining these activities not only delineated questions for RADS’s retrospective studies, but, consequently, may also help researchers, administrators, and librarians prepare for upcoming federal and institutional policies requiring access to publicly funded research data. This report presents version 1 of the RADS public access DMS activities. Additional versions are expected to be released as more institutions engage in implementing new federal policies in the coming months. Community engagement and feedback on the RADS DMS activities is critical to (1) validate the activities and (2) parse out the activities, as sharing and refining them will benefit stakeholders interested in meeting new federal open-access and sharing policies.
APA, Harvard, Vancouver, ISO, and other styles
6

Ferraiolo, David F., Ramaswamy Chandramouli, Vincent C. Hu, and D. Richard R. Kuhn. A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications. National Institute of Standards and Technology, October 2016. http://dx.doi.org/10.6028/nist.sp.800-178.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Zhang, R., R. Pazhyannur, S. Gundavelli, Z. Cao, H. Deng, and Z. Du. Alternate Tunnel Encapsulation for Data Frames in Control and Provisioning of Wireless Access Points (CAPWAP). RFC Editor, April 2018. http://dx.doi.org/10.17487/rfc8350.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Nguyen, Thi Dien, Thi Minh Hanh Nguyen, Thi Minh Khue Nguyen, and Ayako Ebata. Policies to Improve Migrant Workers’ Food Security in Vietnam. Institute of Development Studies (IDS), March 2022. http://dx.doi.org/10.19088/ids.2022.019.

Full text
Abstract:
Migrant workers in Vietnam make up 7.3 per cent of the population. Despite rapid economic growth, they suffer from precarious working conditions and food insecurity, which Covid-19 control measures have exacerbated. Urgent action is needed to improve migrant workers’ access to nutritious food during crises and increase resilience to future economic shocks through: (1) short-term responses that provide nutritious food; (2) improving living conditions through effective enforcement of existing policies; (3) expanding coverage of the government social safety net; and (4) progressive reform of labour law to reduce their vulnerability to job loss and increase their bargaining power.
APA, Harvard, Vancouver, ISO, and other styles
9

Reyes, Angela, Benjamin Roseth, and Diego A. Vera-Cossio. Technology, Identification, and Access to Social Programs: Experimental Evidence from Panama. Inter-American Development Bank, August 2021. http://dx.doi.org/10.18235/0003485.

Full text
Abstract:
Access to identification cards (IDs) is often required to claim government benefits. However, it is unclear which policies to increase ID ownership are more effective. We experimentally analyze the effect of two policy interventions to induce the timely renewal of identification cards on access to a government social program in Panama. Sending reminders about expiration dates increased the probability of on-time renewals and of accessing benefits from a social program by 12 and 4.3 percentage points, respectively, relative to a control group. In contrast, allowing individuals to renew their ID online only increased renewals and access to benefits by 8 and 2.9 percentage points, respectively. This result was driven by lower-income individuals. The results suggest that policies to increase ownership of valid identity documentation can reduce inclusion errors in government programs and that simply granting access to digital tools may not be enough to unlock important effects.
APA, Harvard, Vancouver, ISO, and other styles
10

C. Strumpf, Erin, Laurie J. Goldsmith, Caroline E. King, Ruth Lavergne, Rita McCracken, Kimberlyn M. McGrail, and Leora Simon. Measuring Access to and Quality of Primary Care in Quebec: Insights from Research on Patient Enrolment Policies. CIRANO, March 2023. http://dx.doi.org/10.54932/xnxr2949.

Full text
Abstract:
More than one million “orphan” patients do not have a family physician in Quebec as revealed by the department of Health and Social Services scoreboard. This spring, Minister Dubé has launched several initiatives aimed at transforming the health system to facilitate access to high-quality and timely primary care services. These reforms focus primarily on the enrolment of patients with a family physician. Having access to a regular source of care is almost universally seen as a good thing. In this short note, Erin C. Strumpf, McGill University Professor and Fellow CIRANO, and her co-authors challenge this idea. They show that there is a tendency to confuse concepts and assume that repeated contact is evidence of a truly caring, trusting patient-physician relationship, which could ultimately lead to better health outcomes. If we want to effectively create and evaluate interventions aimed at improving primary care, it is essential to clearly identify the processes through which patient care can be improved and to identify the most relevant measures that actually capture the outcomes of interest such as affiliation and continuity of care. That is what the authors precisely do here. By being honest and clear about what we can actually measure and evaluate with the data we have, they argue that we create an opening for more creative approaches to health policy evaluation.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Data access control policies' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography