, Effective blame for information-flow violations, Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering, SIGSOFT '08/FSE-16, pp.250-260, 2008.
DOI : 10.1145/1453101.1453135
, A calculus for access control in distributed systems, ACM Transactions on Programming Languages and Systems, vol.15, issue.4, pp.706-734, 1993.
DOI : 10.1145/155183.155225
, Foundations of Databases: The Logical Level, 1995.
, Watermarking relational data: framework, algorithms and analysis, The VLDB Journal, vol.12, pp.157-169, 2003.
, Watermarking Relational Databases, VLDB, pp.155-166, 2002.
DOI : 10.1016/B978-155860869-6/50022-6
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.19.9696
, A technical architecture for enforcing usage control requirements in serviceoriented architectures, SWS, pp.18-25, 2007.
, A multimedia access control language for virtual and ambient intelligence environments, SWS '07: Proceedings of the 2007 ACM workshop on Secure web services, pp.111-120, 2007.
, Usage control platformization via trustworthy SELinux, Proceedings of the 2008 ACM symposium on Information, computer and communications security , ASIACCS '08, pp.245-248, 2008.
DOI : 10.1145/1368310.1368345
, Introduction to the octave R ? approach, 2003.
, A security framework for dynamic collaborative working environments, Identity in the Information Society, vol.18, issue.4, pp.171-187, 1007.
DOI : 10.1007/s12394-009-0027-1
, Description Logics as Ontology Languages for the Semantic Web, Festschrift in honor of Jörg Siekmann, pp.228-248
DOI : 10.1007/978-3-540-32254-2_14
, Decision Procedures for a Deontic Logic Modeling Temporal Inheritance of Obligations, Electronic Notes in Theoretical Computer Science, vol.231, pp.69-89, 2009.
DOI : 10.1016/j.entcs.2009.02.030
, Supersticky and declassifiable release policies for flexible information dissemination control, these.pdf © [Z. Su] WPES '06: Proceedings of the 5th ACM workshop on Privacy in electronic society, pp.51-58, 2006.
, Model checking usage policies, pp.19-35, 2009.
DOI : 10.1007/978-3-642-00945-7_2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.156.1671
, Security protocols, properties, and their monitoring, Proceedings of the fourth international workshop on Software engineering for secure systems , SESS '08, pp.33-40, 2008.
DOI : 10.1145/1370905.1370910
, Digital Rights Management -Technological, Economic, Legal and Political Aspects, Lecture Notes in Computer Science, vol.2770, 2003.
, Cassandra: Flexible trust management , applied to electronic health records, CSFW '04: Proceedings of the 17th IEEE workshop on Computer Security Foundations, 2004.
, A New Watermarking Approach for Non numeric Relational Database, International Journal of Computer Applications, vol.13, issue.7, pp.37-40, 2011.
DOI : 10.5120/1790-2473
URL : http://doi.org/10.5120/1790-2473
, Frédéric Cuppens, Nora Cuppens- Boulahia, and Adel Bouhoula. Revocation schemes for delegation licences, ICICS, pp.190-205, 2008.
, Frédéric Cuppens, Nora Cuppens- Boulahia, and Adel Bouhoula. A delegation model for extended rbac
, Semantic web road map, p.233, 1998.
, Analysis of privacy and security policies, Prathima Rao, and Xiping Wang, p.3, 2009.
DOI : 10.1147/JRD.2009.5429045
, End-to-end accountability in grid computing systems for coalition information sharing In Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, CSIIRW '08, pp.1-29, 2008.
, A rewriting framework for the composition of access control policies, Proceedings of the 10th international ACM SIGPLAN symposium on Principles and practice of declarative programming, PPDP '08, pp.217-225, 2008.
DOI : 10.1145/1389449.1389476
, Verifying policy-based web services security, ACM Trans. Program. Lang. Syst, vol.30, issue.6, 2008.
DOI : 10.1145/1391956.1391957
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.187.4827
, Security integration in inter-enterprise business process engineering
DOI : 10.1007/978-0-387-35698-3_15
, Collaborative systems for production management, IFIP TC5/WG5. 7 Eighth International Conference on Advances Production Management Systems, pp.207-217, 2002.
, Extended Service Integration: Towards ???Manufacturing??? SLA, Advances in Production Management Systems
DOI : 10.1007/978-0-387-74157-4_11
URL : https://hal.archives-ouvertes.fr/hal-00348545
, Integration of a contract framework in bp models. Virtual Enterprises and Collaborative Networks, pp.97-104, 2004.
, Collaborative business and data privacy: Toward a cyber-control? Computers in Industry, pp.361-370, 2005.
, A spiral model of software development and enhancement, ACM SIGSOFT Software Engineering Notes, vol.11, issue.4, pp.14-24, 1986.
, Regulating service access and information release on the Web, Proceedings of the 7th ACM conference on Computer and communications security , CCS '00, pp.134-143, 2000.
DOI : 10.1145/352600.352620
, A uniform framework for regulating service access and information release on the web, J. Comput . Secur, vol.10, issue.3, pp.241-271, 2002.
, Universal business language v2, 2006.
, Rob Miller 0002, and Alessandra Russo. Sage: A logical agent-based environment monitoring and control system, pp.112-117, 2009.
, A simple and expressive semantic framework for policy composition in access control, Proceedings of the 2007 ACM workshop on Formal methods in security engineering , FMSE '07, pp.12-21, 2007.
DOI : 10.1145/1314436.1314439
, A simple and expressive semantic framework for policy composition in access control, Proceedings of the 2007 ACM workshop on Formal methods in security engineering , FMSE '07, pp.12-21, 2007.
DOI : 10.1145/1314436.1314439
, Downstream usage control. Policies for Distributed Systems and Networks, IEEE International Workshop on, vol.0, pp.22-29, 2010.
DOI : 10.1109/policy.2010.17
, Enforcing access control in Web-based social networks, ACM Transactions on Information and System Security, vol.13, issue.1, 2009.
DOI : 10.1145/1609956.1609962
, Deontic and action logics for organized collective agency, modeled through institutionalized agents and roles, Fundam. Inf, vol.48, issue.2-3, pp.129-163, 2001.
, Enhancing web service selection by QoS-based ontology and WS-policy, Proceedings of the 2008 ACM symposium on Applied computing , SAC '08, pp.2426-2431, 2008.
DOI : 10.1145/1363686.1364260
URL : https://hal.archives-ouvertes.fr/hal-00348516
, Enforcing " sticky " security policies throughout a distributed application, MidSec '08: Proceedings of the 2008 workshop on Middleware security, pp.1-6, 2008.
, Adding support to XACML for multi-domain user to user dynamic delegation of authority, International Journal of Information Security, vol.9, issue.4, pp.137-152, 2009.
DOI : 10.1007/s10207-008-0073-y
, Authorization in trust management: Features and foundations, ACM Comput. Surv, vol.40, issue.3, pp.1-48, 2008.
, Establishing end to end trust, 2008.
, Multimedia and Metadata Watermarking Driven by Application Constraints, 2006 12th International Multi-Media Modelling Conference, 2006.
DOI : 10.1109/MMMC.2006.1651325
, vCerberus: A DRTM system based on virtualization technology, Wuhan University Journal of Natural Sciences, vol.7, issue.3, pp.185-189
DOI : 10.1007/s11859-010-0301-y
, Using JConsole to monitor applications, Oracle, Sun Developer Network (SDN), 2004.
, A Role and Attribute Based Access Control System Using Semantic Web Technologies, OTM Workshops, pp.1256-1266, 2007.
DOI : 10.1007/978-3-540-76890-6_53
, A comparison of commercial and military computer security policies. Security and Privacy, IEEE Symposium on, p.184, 1987.
, Pellet: Owl 2 reasoner for java
, Automatic verification of finite state concurrent systems using temporal logic specifications, 1985.
, On Usage Control for GRID Services, 2009 International Joint Conference on Computational Sciences and Optimization, pp.47-51, 2009.
DOI : 10.1109/CSO.2009.479
, Watermill, Proceedings of the 7th workshop on Multimedia and security , MM&Sec '05, pp.143-155, 2005.
DOI : 10.1145/1073170.1073196
URL : https://hal.archives-ouvertes.fr/hal-01185453
, The platform for privacy preferences 1, 2002.
, Security policy refinement using data integration, Proceedings of the 2nd ACM workshop on Assurable and usable security configuration, SafeConfig '09, pp.25-28, 2009.
DOI : 10.1145/1655062.1655068
URL : http://spiral.imperial.ac.uk/bitstream/10044/1/10467/2/safeconfig.pdf
, Decomposition techniques for policy refinement, 2010 International Conference on Network and Service Management, pp.72-79, 2010.
DOI : 10.1109/CNSM.2010.5691331
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.592.2080
, Expressive policy analysis with enhanced system dynamicity, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pp.239-250, 2009.
DOI : 10.1145/1533057.1533091
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.1026.8278
, Modeling contextual security policies, International Journal of Information Security, vol.2, issue.3/4, pp.285-305, 2008.
DOI : 10.1007/s10207-007-0051-9
URL : https://hal.archives-ouvertes.fr/hal-01207773
, O2O: Virtual Private Organizations to Manage Security Policy Interoperability, ICISS, pp.101-115, 2006.
DOI : 10.1007/11961635_7
, The Ponder Policy Specification Language, POLICY, pp.18-38, 2001.
DOI : 10.1007/3-540-44569-2_2
, Information accountability, CSAIL) of Massachusetts Institute of Technology (MIT), 2007.
, The web service modeling language wsml: An overview. The Semantic Web: Research and Applications, pp.590-604, 2006.
, Nora Cuppens-Boulahia, and Frédéric Cuppens . Service dependencies in information systems security, MMM- ACNS, pp.1-20, 2010.
, TWC data-gov corpus, Proceedings of the 19th international conference on World wide web, WWW '10, pp.1383-1386, 2010.
DOI : 10.1145/1772690.1772937
, Obligations and Their Interaction with Programs, ESORICS 2007, pp.375-389, 2007.
DOI : 10.1007/978-3-540-74835-9_25
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.87.1733
, Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy, Proceedings of the eleventh ACM symposium on Access control models and technologies , SACMAT '06, pp.228-236, 2006.
DOI : 10.1145/1133058.1133090
, ebXML business process specification schema technical specification v2, 2006.
, Understanding drm systems. An IDC White Paper, 2001.
, Architectural refinement for the design of survivable systems, 2001.
, Reference architecture for Service Oriented Architecture version 1, 2008.
, Web services reliability (ws-reliability), 2003.
, The Web Service Modeling Framework WSMF, Electronic Commerce Research and Applications, pp.113-137, 2002.
DOI : 10.1016/S1567-4223(02)00015-7
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.194.6486
, Role-based access control (RBAC): Features and motivations, Proceedings of 11th Annual Computer Security Application Conference, pp.241-289, 1995.
, Proposed NIST standard for rolebased access control, ACM Trans. Inf. Syst. Secur, vol.4, issue.3, pp.224-274, 2001.
, The program dependence graph and its use in optimization, ACM Transactions on Programming Languages and Systems, vol.9, issue.3, pp.319-349, 1987.
DOI : 10.1145/24039.24041
, Supporting RBAC with XACML+OWL, Proceedings of the 14th ACM symposium on Access control models and technologies, SACMAT '09, pp.145-154, 2009.
DOI : 10.1145/1542207.1542231
, BAC, Proceedings of the 13th ACM symposium on Access control models and technologies , SACMAT '08, pp.73-82, 2008.
DOI : 10.1145/1377836.1377849
, Flexiscale cloud comp and hosting, p.240
, The specification and implementation of commercial security requirements including dynamic segregation of duties, Proceedings of the 4th ACM conference on Computer and communications security, CCS '97, pp.125-134, 1997.
, Globus Toolkit Version 4: Software for Service-Oriented Systems, Journal of Computer Science and Technology, vol.10, issue.2, pp.513-520, 2006.
DOI : 10.1007/s11390-006-0513-y
URL : http://doi.org/10.1007/s11390-006-0513-y
, Cryptographically sound implementations for typed information-flow security, POPL, pp.323-335, 2008.
DOI : 10.1145/1328438.1328478
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.103.915
, Trusted Computing: Security and Applications, Cryptologia, vol.3184, issue.3, pp.217-245, 2009.
DOI : 10.1145/782814.782838
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.141.3394
, Terra: a virtual machine-based platform for trusted computing, SOSP, pp.193-206, 2003.
, A cross?domain role mapping and authorization framework for rbac in grid systems, International Journal of Computer Science & Applications, vol.6, pp.1-12, 2009.
, Enforcing UCON Policies on the Enterprise Service Bus, OTM Conferences, pp.876-893, 2010.
DOI : 10.1007/978-3-642-16949-6_14
, A Sound Analysis for Secure Information Flow Using Abstract Memory Graphs, FSEN, pp.355-370, 2009.
DOI : 10.1007/978-3-642-11623-0_21
, Agile competitors and virtual organizations: strategies for enriching the customer, 1995.
, Dependence graphs and program slicing-codesurfer technology overview
, Query-preserving watermarking of relational databases and Xml documents, ACM Transactions on Database Systems, vol.36, issue.1, pp.1-3, 2011.
DOI : 10.1145/1929934.1929937
URL : https://hal.archives-ouvertes.fr/inria-00587712
, Remote attestation on function execution (workin-progress ), INTRUST, pp.60-72, 2009.
, Remote attestation on program execution, Proceedings of the 3rd ACM workshop on Scalable trusted computing, STC '08, pp.11-20, 2008.
DOI : 10.1145/1456455.1456458
, A reputation based service provider selection system for farmers, Journal of Information Assurance and Security, vol.5, pp.508-515, 2010.
, Designing the architecture for Web services Data-purpose algebra: Modeling data usage policies, POLICY, pp.173-177, 2003.
, Verifying Information Flow Control over Unbounded Processes, In FM, pp.773-789, 2009.
DOI : 10.1007/978-3-642-05089-3_49
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.6262
, State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition, 2009 Third International Conference on Network and System Security, pp.373-380, 2009.
DOI : 10.1109/NSS.2009.51
, A policy language for distributed usage control . ESORICS2007, LNCS, pp.4734531-546, 2007.
, Enforcement for usage control-an overview of control mechanisms, 2006.
, Towards layered access control with UCON, Proceedings of the 2009 International Conference on Computational Science and Engineering, pp.823-829, 2009.
DOI : 10.1109/cse.2009.163
, An authorization model for collaborative access control, Journal of Zhejiang University -Science C, vol.11, issue.9, pp.699-717, 2010.
, A proposal on information hiding methods using xml, Natural Language Processing Pacific Rim Symposium
, On the modeling and analysis of obligations, Proceedings of the 13th ACM conference on Computer and communications security , CCS '06, pp.134-143, 2006.
DOI : 10.1145/1180405.1180423
, Iso 17799(e):information technology security techniques code of practice for information security management, IEC, vol.27002, p.2005, 2002.
, Concurrent Enforcement of Usage Control Policies, 2008 IEEE Workshop on Policies for Distributed Systems and Networks, pp.111-118, 2008.
DOI : 10.1109/POLICY.2008.44
, Assessing the security risks of Cloud Computing, 2008.
, Virtual machine security guidelines version 1.0, 2007.
, A survey of trust and reputation systems for online service provision, Decision Support Systems, vol.43, issue.2, pp.618-644, 2006.
DOI : 10.1016/j.dss.2005.05.019
, Authorization and privacy for semantic Web services, IEEE Intelligent Systems, vol.19, issue.4, pp.50-56, 2005.
DOI : 10.1109/MIS.2004.23
, Access control is an inadequate framework for privacy protection, 2010.
, Using semantic web technologies for policy management on the web, AAAI, 2006.
, Using Dependency Tracking to Provide Explanations for Policy Management, 2008 IEEE Workshop on Policies for Distributed Systems and Networks, pp.54-61, 2008.
DOI : 10.1109/POLICY.2008.51
, Organization based access contro, POLICY, p.120, 2003.
, Evaluating interfaces for privacy policy rule authoring, Proceedings of the SIGCHI conference on Human Factors in computing systems , CHI '06, pp.83-92, 2006.
DOI : 10.1145/1124772.1124787
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6442
, A policy famework for security and privacy management, IBM System Journal, special issue on harmonizing security and privacy
, A general obligation model and continuity, Proceedings of the 13th ACM symposium on Access control models and technologies , SACMAT '08, pp.123-132, 2008.
DOI : 10.1145/1377836.1377856
, Towards a Usage Control Policy Specification with Petri Nets, OTM '09: Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems, pp.905-912, 2009.
DOI : 10.1007/978-3-642-05151-7_11
, Frédéric Cuppens, and Hervé Debar. A service dependency model for cost-sensitive intrusion response, ESORICS, pp.626-642, 2010.
, Frédéric Cuppens, Nora Cuppens-Boulahia, and Jouni Viinikka. A service dependency modeling framework for policy-based response enforcement, DIMVA, pp.176-195, 2009.
, A model for access negotiations in dynamic coalitions, WETICE '04: Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp.205-210, 2004.
, A model for access negotiations in dynamic coalitions, WETICE, pp.205-210, 2004.
, Security Ontology for Annotating Resources, On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE, pp.1483-1499, 2005.
DOI : 10.1007/11575801_34
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.102.7024
, Query answering over sroiq knowledge bases with sparql, Description Logics, 2011.
, Formal semantics of XACML v3.0, 2008.
, A logic-based calculus of events, New Generation Computing, vol.10, issue.No. 2, pp.67-95, 1986.
DOI : 10.1007/BF03037383
, Stale-safe security properties for group-based secure information sharing, Proceedings of the 6th ACM workshop on Formal methods in security engineering, FMSE '08, pp.53-62, 2008.
DOI : 10.1145/1456396.1456402
, A conceptual framework for Group-Centric secure information sharing, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pp.384-387, 2009.
DOI : 10.1145/1533057.1533111
, Foundations for group-centric secure information sharing models, Proceedings of the 14th ACM symposium on Access control models and technologies, SACMAT '09, pp.115-124, 2009.
DOI : 10.1145/1542207.1542227
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.185.2103
, Invisible Graffiti on Your Buildings: Blind and Squaring-Proof Watermarking of Geographical Databases, Proceedings of the 10th international conference on Advances in spatial and temporal databases, SSTD'07, pp.312-329, 2007.
DOI : 10.1007/978-3-540-73540-3_18
, Xml Streams Watermarking, DBSec, pp.74-88, 2006.
DOI : 10.1007/978-3-540-24624-4_11
URL : https://hal.archives-ouvertes.fr/hal-01125144
, Watermill: An optimized fingerprinting system for databases under constraints, IEEE Trans. on Knowl. and Data Eng, vol.20, pp.532-546, 2008.
URL : https://hal.archives-ouvertes.fr/hal-01185453
, Securing web applications with static and dynamic information flow tracking, Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation , PEPM '08, pp.3-12, 2008.
DOI : 10.1145/1328408.1328410
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.130.6756
, Protection, Proceedings of the 5th Princeton Conference on Information Sciences and Systems, p.437, 1971.
, The triple-A supply chain, Harvard business review, vol.82, issue.10, pp.102-113, 2004.
, Profilebased selection of accountability policies in grid computing systems, In POLICY, pp.145-148, 2011.
, Capability-Based Computer Systems. Butterworth- Heinemann, 1984.
, Trust-Oriented Composite Service Selection and Discovery, ICSOC-ServiceWave '09: Proceedings of the 7th International Joint Conference on Service-Oriented Computing, pp.50-67, 2009.
DOI : 10.1007/978-3-642-10383-4_4
URL : http://www.researchonline.mq.edu.au/vital/access/services/Download/mq:13797/DS01
, A Practically Implementable and Tractable Delegation Logic, SP '00: Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.27, 2000.
DOI : 10.2139/ssrn.290100
, Delegation logic, ACM Transactions on Information and System Security, vol.6, issue.1, pp.128-171, 2003.
DOI : 10.1145/605434.605438
, On mutually exclusive roles and separation-of-duty, ACM Trans. Inf. Syst. Secur, vol.10, 2007.
, Access control policy combining, Proceedings of the 14th ACM symposium on Access control models and technologies, SACMAT '09, pp.135-144, 2009.
DOI : 10.1145/1542207.1542229
, Access control policy combining, Proceedings of the 14th ACM symposium on Access control models and technologies, SACMAT '09, pp.135-144, 2009.
DOI : 10.1145/1542207.1542229
, Towards a dynamic multi-policy dissemination control model, ACM SIGMOD Record, vol.35, issue.1, pp.33-38, 2006.
DOI : 10.1145/1121995.1122001
, EXAM: a comprehensive environment for the analysis of access control policies, International Journal of Information Security, vol.9, issue.3, pp.253-273, 2010.
DOI : 10.1007/s10207-010-0106-1
, The evolving role of IT managers and CIOs?findings from the 2010 IBM global IT risk study, 2010.
, A formal modeling approach for supply chain event management, Decision Support Systems, vol.43, issue.3, pp.761-778, 2007.
DOI : 10.1016/j.dss.2006.12.009
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.74.4746
, A groupbased content delivery network. In UPGRADE '08: Proceedings of the third international workshop on Use of P2P, grid and agents for the development of content networks, pp.37-44, 2008.
, Foundations of logic programming, 1984.
, Information: A Very Short Introduction, Great Clarendon Street, 2010.
, PONDER policy implementation and validation in a CIM and differentiated services framework, 2004 IEEE/IFIP Network Operations and Management Symposium (IEEE Cat. No.04CH37507), pp.31-44, 2004.
DOI : 10.1109/NOMS.2004.1317639
, Trust metrics, models and protocols for electronic commerce transactions, ICDCS'1998. Proceedings. 18th International Conference on Distributed Computing Systems, pp.312-321, 1998.
, Teleo-Reactive policies for managing human-centric pervasive services, 2010 International Conference on Network and Service Management, pp.80-87, 2010.
DOI : 10.1109/CNSM.2010.5691332
URL : http://spiral.imperial.ac.uk/bitstream/10044/1/10258/2/cnsm2010.pdf
, Pattern, English Academy Review, vol.22, issue.1, 2004.
DOI : 10.1080/10131750485310161
URL : https://hal.archives-ouvertes.fr/hal-01103443
, Towards Continuous Usage Control on Grid Computational Services, Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services, (icas-isns'05), p.82, 2005.
DOI : 10.1109/ICAS-ICNS.2005.93
, Web Services: Beyond component-based computing, Communication of the ACM, issue.10, pp.71-76, 2002.
, INSA de Lyon, tous droits réservés Capability myths demolished, these.pdf © [Z. Su], [2012], 2003.
, Comparison of the beta and the hidden markov models of trust in dynamic environments, IFIP AICT, vol.300, pp.283-297, 2009.
, Policy conflict analysis in distributed system management, Journal of Organizational Computing, vol.3, issue.1, 1993.
DOI : 10.1080/10919399409540214
, Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services, DEXA '03: Proceedings of the 14th International Workshop on Database and Expert Systems Applications, p.377, 2003.
, Nonintrusive monitoring and service adaptation for ws-bpel, WWW '08: Proceeding of the 17th international conference on World Wide Web, pp.815-824, 2008.
DOI : 10.1145/1367497.1367607
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.139.6506
, Protecting agents from malicious hosts using tpm, IJCSA, vol.6, issue.5, pp.30-58, 2009.
, Virtual machine introspection: Observation or interference? Security & Privacy, pp.32-37, 2008.
DOI : 10.1109/msp.2008.134
, An Introduction to Description Logics, Description Logic Handbook, pp.1-40, 2003.
DOI : 10.1017/CBO9780511711787.003
, Some conundrums concerning separation of duty. Security and Privacy, IEEE Symposium on, p.201, 1990.
, An obligation model bridging access control policies and privacy policies, Proceedings of the 13th ACM symposium on Access control models and technologies , SACMAT '08, pp.133-142, 2008.
DOI : 10.1145/1377836.1377857
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.666.1141
, D-algebra for composing access control policy decisions, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pp.298-309, 2009.
DOI : 10.1145/1533057.1533097
, D-algebra for composing access control policy decisions, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pp.298-309, 2009.
DOI : 10.1145/1533057.1533097
, An Access Control Language for a General Provenance Model, Secure Data Management, pp.68-88, 2009.
DOI : 10.1007/978-3-642-04219-5_5
, The design of everyday things. Basic Books, 1988.
, Open Digital Rights Language (ODRL) Version 2 Requirements
, Autonomous semantic web services, IEEE Internet Computing, vol.7, issue.5, pp.34-41, 2003.
DOI : 10.1109/MIC.2003.1232516
, A Model for Data Leakage Detection, 2009 IEEE 25th International Conference on Data Engineering, pp.1307-1310, 2009.
DOI : 10.1109/ICDE.2009.227
, Introduction to a special issue on service oriented computing, Communication of the ACM, issue.10, pp.25-28, 2003.
, Service oriented architectures: approaches, technologies and research issues, The VLDB Journal, vol.16, issue.3, pp.389-415, 2007.
, Extending the service oriented architecture, Journal of Business Integration, vol.2, issue.10, pp.18-21, 2005.
, A survey of web service technologies, 2004.
, Towards usage control models: beyond traditional access control, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.57-64, 2002.
DOI : 10.1145/507711.507722
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.161.4350
, The UCON ABC usage control model
, Bootstrapping trust in a " trusted " platform, HotSec, 2008.
, Bootstrapping trust in commodity computers, IEEE Symposium on Security and Privacy, pp.414-429, 2010.
, Permission headers and contract law, Proceedings of the Workshop on Technological Strategies for Protecting Intellectual Property in the Networked Multimedia Environment, 1994.
, The real-time enterprise: competing on time using the revolutionary business SEx machine, 2004.
, Semantic context aware security policy deployment, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pp.251-261, 2009.
DOI : 10.1145/1533057.1533092
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.217.3137
, Distributed usage control, Communications of the ACM, vol.49, issue.9, pp.39-44, 2006.
DOI : 10.1145/1151030.1151053
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.132.3191
, Usage Control Enforcement: Present and Future, IEEE Security & Privacy Magazine, vol.6, issue.4, pp.44-53, 2008.
DOI : 10.1109/MSP.2008.101
, Formal Analyses of Usage Control Policies, 2009 International Conference on Availability, Reliability and Security, pp.98-105, 2009.
DOI : 10.1109/ARES.2009.100
, TPM context manager and dynamic configuration management for trusted virtualization platform, Wuhan University Journal of Natural Sciences, vol.34, issue.10, pp.539-546, 1007.
DOI : 10.1007/s11859-008-0506-5
, Expandable grids for visualizing and authoring computer security policies, Proceeding of the twenty-sixth annual CHI conference on Human factors in computing systems , CHI '08, pp.1473-1482, 2008.
DOI : 10.1145/1357054.1357285
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.2581
, More than skin deep, Proceedings of the 2011 annual conference on Human factors in computing systems, CHI '11, pp.2065-2074, 2011.
DOI : 10.1145/1978942.1979243
, Integrating DRM with peer-to-peer networks: Enabling the future of online content business models. Whitepaper GiantSteps? Media Technologies Strategies, 2003.
, Digital rights management: Business and technology, 2003.
, Laminar: practical fine-grained decentralized information flow control, PLDI, pp.63-74, 2009.
, xDUCON: Coordinating Usage Control Policies in Distributed Domains, 2009 Third International Conference on Network and System Security, pp.246-253, 2009.
DOI : 10.1109/NSS.2009.77
, xDUCON: Cross Domain Usage Control through Shared Data Spaces, 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, pp.178-181, 2009.
DOI : 10.1109/POLICY.2009.18
, Attestation-based policy enforcement for remote access, Proceedings of the 11th ACM conference on Computer and communications security , CCS '04, pp.308-317, 2004.
DOI : 10.1145/1030083.1030125
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.83.4401
, Transaction control expressions for separation of duties, [Proceedings 1988] Fourth Aerospace Computer Security Applications, pp.282-286, 1988.
DOI : 10.1109/ACSAC.1988.113349
, The NIST model for role-based access control: Towards a uni ed standard, Proceedings of 5th ACM Workshop on Role-Based Access Control, 2000.
, Peer-to-peer access control architecture using trusted computing technology, SACMAT, pp.147-158, 2005.
, FORM : A Federated Rights Expression Model for Open DRM Frameworks, ASIAN, pp.45-59, 2006.
DOI : 10.1007/978-3-540-77505-8_5
, Usage control reference monitor architecture. Security , Privacy and Trust in Pervasive and Ubiquitous Computing, International Workshop on, pp.13-18, 2007.
DOI : 10.1109/secperu.2007.20
, Addressing data reuse issues at the protocol level, POLICY, pp.141-144, 2011.
, Watermarking Relational Databases Using Optimization-Based Techniques, Center for Education and Research in Information Assurance and Security (CERIAS), 2006.
DOI : 10.1109/TKDE.2007.190668
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.114.6299
, Research on trusted computing and its development, Science China Information Sciences, vol.23, issue.3, pp.405-433
DOI : 10.1007/s11432-010-0069-x
, A Trusted Computing Technology Enabled Mobile Agent System, 2008 International Conference on Computer Science and Software Engineering
DOI : 10.1109/CSSE.2008.888
, A language for information flow: dynamic tracking in multiple interdependent dimensions, PLAS, pp.125-131, 2009.
, Controlling historical information dissemination in publish/subscribe, Proceedings of the 2008 workshop on Middleware security, MidSec '08, pp.34-39, 2008.
DOI : 10.1145/1463342.1463349
, Policybased information sharing in publish/subscribe middleware, POL- ICY, pp.137-144, 2008.
, Rights protection for relational data, SIGMOD '03: Proceedings of the 2003 ACM SIGMOD international conference on Management of data, 2003.
DOI : 10.1145/872757.872772
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.2332
, Resilient Rights Protection for Sensor Streams, VLDB, pp.732-743, 2004.
DOI : 10.1016/B978-012088469-8.50065-6
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.1.8920
, Event driven architecture augmenting Service Oriented Architecture, 2005.
, A security policy framework for context-aware and user preferences in e-services, Journal of Systems Architecture, vol.55, issue.4
DOI : 10.1016/j.sysarc.2008.12.001
URL : https://hal.archives-ouvertes.fr/hal-01276887
, Policy driven management for distributed systems, Journal of Network and Systems Management, vol.III, issue.No. 8, pp.333-360, 1994.
DOI : 10.1007/BF02283186
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.47.3914
, Engineering Policy-Based Ubiquitous Systems, The Computer Journal, vol.53, issue.7, pp.1113-1127, 2010.
DOI : 10.1093/comjnl/bxp102
URL : http://comjnl.oxfordjournals.org/cgi/content/short/53/7/1113
, Web services enable service oriented and eventdriven architectures, Journal of Business Integration, vol.5, pp.12-13, 2004.
, Trust management for secure information flows, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.175-188, 2008.
DOI : 10.1145/1455770.1455794
, Securing information flows: A metadata framework, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, pp.748-753, 2008.
DOI : 10.1109/MAHSS.2008.4660114
, TRainbow: a new trusted virtual machine based platform, Frontiers of Computer Science in China, vol.4782, issue.5, pp.47-64, 2010.
DOI : 10.1007/s11704-009-0076-5
, Applying a usage control model in an operating system kernel, Journal of Network and Computer Applications, vol.34, issue.4, pp.1342-1352, 2011.
DOI : 10.1016/j.jnca.2011.03.019
, A value-driven approach to the design of service-oriented information systemsmaking use of conceptual models. Information Systems and e-Business Management, pp.67-97, 2009.
, The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study, Information Systems Research, vol.22, issue.2, pp.254-268, 2011.
DOI : 10.1287/isre.1090.0260
, An overview of standards and related technology in Web services. Distributed and Parallel Databases, pp.135-162, 2002.
, Locking the sky: a survey on IaaS cloud security. Computing, p.2010
, Evolving to a New Dominant Logic for Marketing, Journal of Marketing, vol.68, issue.1, pp.1-17, 2004.
DOI : 10.1509/jmkg.68.1.1.24036
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.371.4442
, Delegating revocations and authorizations in collaborative business environments, Information Systems Frontiers, vol.6, issue.3, pp.293-305, 2009.
DOI : 10.1007/s10796-008-9091-6
, A smart-gate based composition method to provide services by solving conflict using dynamic user priority and compromise policy, International Journal of Innovative Computing, Information and Control, p.2987
, A logic-based framework for attribute based access control, Proceedings of the 2004 ACM workshop on Formal methods in security engineering , FMSE '04, pp.45-55, 2004.
DOI : 10.1145/1029133.1029140
, Usable Access Control in Collaborative Environments: Authorization Based on People-Tagging, ESORICS, pp.268-284, 2009.
DOI : 10.1145/1519144.1519149
, XrML -- eXtensible rights Markup Language, Proceedings of the 2002 ACM workshop on XML security , XMLSEC '02, pp.71-79, 2002.
DOI : 10.1145/764792.764803
, Usage Control Based on Windows Kernel Hook, 2009 International Conference on Information and Multimedia Technology, pp.264-267, 2009.
DOI : 10.1109/ICIMT.2009.92
, Information accountability, Communications of the ACM, vol.51, issue.6, pp.82-87, 2008.
DOI : 10.1145/1349026.1349043
, Managing collaboration performance to govern virtual organizations, Journal of Intelligent Manufacturing, vol.12, issue.5, pp.311-320, 2008.
DOI : 10.1007/s10845-008-0182-5
, Lean thinking, second edition, 2003.
, A comparative study of trust management for federation: features and measurements, Journal of Information Assurance and Security, vol.6, pp.29-038, 2011.
, The xen hypervisor
, A Formal Definition for Trust in Distributed Systems, In ISC, pp.482-489, 2005.
DOI : 10.1007/11556992_35
, Deploying and managing web services: issues, solutions, and directions. The International Journal on Very Large Data Bases, pp.537-572, 2008.
DOI : 10.1007/s00778-006-0020-3
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.134.6523
, PRUNES, Proceedings of the 7th ACM conference on Computer and communications security , CCS '00, pp.210-219, 2000.
DOI : 10.1145/352600.352633
, Interoperable strategies in automated trust negotiation, Proceedings of the 8th ACM conference on Computer and Communications Security , CCS '01, pp.146-155, 2001.
DOI : 10.1145/501983.502004
, Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation, ACM Transactions on Information and System Security, vol.6, issue.1, pp.1-42, 2003.
DOI : 10.1145/605434.605435
, How to privately utilize untrustworthy computing power, Journal of Information Assurance and Security, vol.1, pp.149-158, 2006.
, Quality driven web services composition, Proceedings of the twelfth international conference on World Wide Web , WWW '03, pp.411-421, 2003.
DOI : 10.1145/775152.775211
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.119.2363
, Cloud computing: stateof-the-art and research challenges, Journal of Internet Services and Applications, vol.167, issue.1, pp.7-18, 2010.
DOI : 10.1007/978-3-319-38904-2
, An attribute-based access matrix model, Proceedings of the 2005 ACM symposium on Applied computing , SAC '05, pp.359-363, 2005.
DOI : 10.1145/1066677.1066760
, INSA de Lyon, tous droits réservés A usage-based authorization framework for collaborative computing systems, these.pdf © [Z. Su], [2012] SACMAT '06: Proceedings of the eleventh ACM symposium on Access control models and technologies, pp.180-189, 2006.
, Toward a Usage-Based Security Framework for Collaborative Computing Systems, ACM Transactions on Information and System Security, vol.11, issue.1, pp.1-3, 2008.
DOI : 10.1145/1330295.1330298
, Formal model and policy specification of usage control, ACM Transactions on Information and System Security, vol.8, issue.4, pp.351-387, 2005.
DOI : 10.1145/1108906.1108908
, A logical specification for usage control, Proceedings of the ninth ACM symposium on Access control models and technologies , SACMAT '04, pp.1-10, 2004.
DOI : 10.1145/990036.990038
, Security Enforcement Model for Distributed Usage Control, 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008), pp.10-18, 2008.
DOI : 10.1109/SUTC.2008.79
, Policy refinement of network services for MANETs, 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, pp.113-120, 2011.
DOI : 10.1109/INM.2011.5990681
, System dependence graph construction for aspect-oriented programs, 2003.
, Dynamic security labels and static information flow control, International Journal of Information Security, vol.15, issue.2???3, pp.67-84, 2007.
DOI : 10.1007/s10207-007-0019-9
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.640.2428
, Wmxml: A system for watermarking xml data, VLDB, pp.1318-1321, 2005.
, Ceux qui veulent lire l'information doivent avoir une certification Ils doivent également avoir accédé à l'information dans les 10 jours précédents, (3) Celui qui lit une information (de fait obtient une copie de l'information)
, les informations issues de B et C sont fusionnées à l
, INSA de Lyon, tous droits réservés Universal business language v2. 0 Web services addressing (WS-Addressing) Catteddu Daniele and Hogben Giles. Cloud Computing: Benefits, risks and recommendations for information security, Web services description language (WSDL) version 2.0 part 1: Core language Weerawarana. Web services description language (WSDL) 1.1 ebXML business process specification schema technical specification v2. 0.4, 2001.
, Web services glossary, 2004.
, Designing the architecture for web services, W3C, 2003.
, Digital rights management (DRM) architectures. D-Lib Magazine, 2001.
, Assessing the security risks of Cloud Computing, 2008.
, Access control is an inadequate framework for privacy protection, 2010.
, The evolving role of IT managers and CIOs?findings from the 2010 IBM global IT risk study, 2010.
, Reference model for service oriented architecture 1, 2006.
, Introduction to a special issue on service oriented computing, Communication of the ACM, issue.10, pp.25-28, 2003.
, Service oriented architectures: approaches, technologies and research issues, The VLDB Journal, vol.16, issue.3, pp.389-415, 2007.
, Extending the service oriented architecture, Journal of Business Integration, vol.2, issue.10, pp.18-21, 2005.
, A survey of web service technologies, 2004.
, The UCON_ABC usage control model
, A Collaborative-context Oriented Policy Model for Usage-control in Business Federation, 2011.
, Toward Comprehensive Security Policy Governance in Collaborative Enterprise, 2011.
, Full Lifecycle Resource Protection in Composite Web Service with XACML. ICIC Express Letters, Part B: Applications, vol.2, issue.5, pp.1045-1050, 2011.
, Full Lifecycle Resource Protection in Composite Web Service with XACML, 2011.
, End-to-end Security Policy Description and Management for Collaborative System, Journal of Information Assurance and Security, 2011.
, End-to-end Security Policy Description and Management for Collaborative System. Proceeding of the IAS2010, 2010.