, A language and system for composing security policies, 2004.
DOI : 10.1145/1065010.1065047
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.70.498
, SecPAL: Design and semantics of a decentralized authorization language, Journal of Computer Security, vol.18, issue.4, pp.619-665, 2010.
DOI : 10.3233/JCS-2009-0364
, An algebra for composing access control policies, ACM Transactions on Information and System Security, vol.5, issue.1, pp.1-35, 2002.
DOI : 10.1145/504909.504910
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.543.2075
, McLane: An operational framework for service oriented architecture network security, Proc. HICCS. p, p.312, 2008.
DOI : 10.1109/hicss.2008.64
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.128.8350
, Availability enforcement by obligations and aspects identification, First International Conference on Availability, Reliability and Security (ARES'06), pp.229-239, 2006.
DOI : 10.1109/ARES.2006.36
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.100.7969
, The Ponder policy specification language. Policies for Distributed Systems and Networks pp Harmless advice, pp.18-38, 2001.
DOI : 10.1007/3-540-44569-2_2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.17.4489
, Language definition for security specifications. Deliverable D2.2, The CESSA project, 2011.
, Survey and requirements analysis . Deliverable D1.1, The CESSA project, 2010.
, Modular Access Control Via Strategic Rewriting, Proc. of ESORICS, 2007.
DOI : 10.1007/978-3-540-74835-9_38
URL : https://hal.archives-ouvertes.fr/inria-00185697
, Protecting web services from DOS attacks by SOAP message validation. Security and Privacy in Dynamic Environments, 2006.
DOI : 10.1007/0-387-33406-8_15
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.92.4061
, Evolving security requirements in multi-layered service-oriented-architectures, Proc. SETOP, 2011.
URL : https://hal.archives-ouvertes.fr/inria-00614163
, A Policy Language for Adaptive Web Services Security Framework, Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD 2007), pp.261-266, 2007.
DOI : 10.1109/SNPD.2007.455
, extensible access control markup language (xacml) version 2.0, Tech. rep., OASIS Standard, 2005.
, Protecting privacy using the decentralized label model, ACM Transactions on Software Engineering and Methodology, vol.9, issue.4, pp.410-442, 2000.
DOI : 10.1145/363516.363526
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.126.2197
, ASLan++ ??? A Formal Security Specification Language for Distributed Systems, In: Prof. FMCO, vol.24, issue.5, 2010.
DOI : 10.1007/978-3-540-70545-1_38
, Weaving rewrite-based access control policies, Proceedings of the 2007 ACM workshop on Formal methods in security engineering , FMSE '07, pp.71-80, 2007.
DOI : 10.1145/1314436.1314446
URL : https://hal.archives-ouvertes.fr/inria-00185710
, A policy-oriented language for expressing security specifications, International Journal of Network Security, vol.5, issue.3, pp.299-316, 2007.
, SPL: An access control language for security policies with complex constraints, Proc. of NDSS, 2001.
, XML Firewall Architecture and Best Practices for Configuration and Auditing, 2007.
, A decentralized mechanism for application level monitoring of distributed systems, Proceedings of the 5th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing, pp.1-10, 2009.
DOI : 10.4108/ICST.COLLABORATECOM2009.8336
, Guide to Secure Web Services
DOI : 10.6028/NIST.SP.800-95
, Verifiable composition of access control and application features, Proceedings of the tenth ACM symposium on Access control models and technologies , SACMAT '05, pp.120-129, 2005.
DOI : 10.1145/1063979.1064001
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.63.5066