Policies and security
Policies and their application in the security field is a relatively new research area at SICS. The current focus is on decentralized management of policies, and in particular policies for access rights, i.e. authorization.
Policy management, analysis, and enforcement is relevant for many different applications including SLAs (Service Level Agreements), resource sharing, and automated trading to name just a few.
SICS researchers have developed a technology and a system, SICSacml, that enables decentralized management of access rights. The system is decentralized in the sense that it allows many users to not only assign other users to roles, but to provide them with arbitrary privileges to access resources, within a set of given constraints. In other words, local administrators are not confined by centrally created roles, but can create their own roles, as long as these do not violate centrally determined constraints.
More information
Security, Policy and Trust group
SICSacml
Policy management, analysis, and enforcement is relevant for many different applications including SLAs (Service Level Agreements), resource sharing, and automated trading to name just a few.
SICS researchers have developed a technology and a system, SICSacml, that enables decentralized management of access rights. The system is decentralized in the sense that it allows many users to not only assign other users to roles, but to provide them with arbitrary privileges to access resources, within a set of given constraints. In other words, local administrators are not confined by centrally created roles, but can create their own roles, as long as these do not violate centrally determined constraints.
More information
Security, Policy and Trust group
SICSacml