References

BibTex References
Abadi, M., Burrows, M., Lampson, B., and Plotkin, G. (1993). “A Calculus for Access Control in Distributed Systems.” ACM Transactions on Programming Languages and Systems, 15(4), 706-733.
 
Anderson, R. J. “A Security Policy Model for Clinical Information Systems.” 1996 IEEE Symposium on Security and Privacy, 30-42.
 
Bertino, E., and Jajodia, S. “Supporting Multiple Access Control Policies in Database Systems.” 1996 Symposium on Security and Privacy, 94-107.
 
Blaze, M., Feigenbaum, J., and Lacy, J. (1996). “Decentralized Trust Management.” 96-17, DIMACS Technical Report.
 
Blaze, M., Feigenbaum, J., and Lacy, J. “Decentralized Trust Management.” , 164-173.
 
Boswell, A. (1995). “Specification and Validation of a Security Policy Model.” IEEE Transactions on Software Engineering, 21(2), 63-68.
 
Cholvy, L., and Cuppens, F. “Analyzing Consistency of Security Policies.” 1997 IEEE Symposium on Security and Privacy, Oakland, CA, 103-112.
 
Clark, D. D., and Wilson, D. R. “A Comparison of Commercial and Military Computer Security Policies.” Proceedings of the Symposium on Security and Privacy 1987, 184-193.
 
Cuppens, F., and Saurel, C. “Specifying a Security Policy: A Case Study.” Proceedings of the 9th IEEE Computer Security Foundations Workshop, 123-134.
 
Dinolt, G. W., Benzinger, L. A., and Yatabe, M. G. “Combining Components and Policies.” Proceedings of the Computer Security Foundations Workshop VII, Los Alamitos, CA, 22-33.
 
Edjlali, G., Acharya, A., and Chaudhary, V. “History-based Access-control for Mobile Code.” Proceedings of the Fifth ACM Conference on Computer and Communications Security, San Francisco, CA.
 
Ford, W. R. “Administration in a Multiple Policy/Domain Environment: The Administration and Melding of Disparate Policies.” , 42-51.
 
Fraser, T., and Badger, L. “Ensuring Continuity During Dynamic Security Policy Reconfiguration in DTE.” 1998 Symposium on Security and Privacy, Oakland, CA, 15-26.
 
Freeman, J. W., Neely, R. B., and Heckard, M. A. “A Validated Security Policy Modeling Approach.” , 189-200.
 
Giuri, L., and Iglio, P. “A Formal Model for Role-Based Access Control with Constraints.” , 136-145.
 
Gligor, V. D., Gavrila, S. I., and Ferraiolo, D. “On the Formal Definition of Separation-of-Duty Policies and their Composition.” 1998 Symposium on Security and Privacy, Oakland, CA, 172-183.
 
Goguen, J. A., and Meseguer, J. “Security Policies and Security Models.” 1982 Symposium on Security and Privacy, 11-20.
 
Goguen, J. A., and Meseguer, J. “Unwinding the Inference Control.” 1984 Symposium on Security and Privacy, 75-85.
 
Guttman, J. D. “Filtering Postures: Local Enforcement for Global Policies.” 1997 IEEE Symposium on Security and Privacy, Oakland, CA, 120-129.

Hamilton, D. “Application Layer Security Requirements of a Medical Information System.” 15th National Computer Security Conference, Baltimore Convention Center, Baltimore, MD, 9-17.
 
Hayton, R. J., Bacon, J. M., and Moody, K. “Access Control in an Open Distributed Environment.” 1998 Symposium on Security and Privacy, Oakland, CA, 3-14.
 
Heydon, A., Maimone, M. W., Tygar, J. D., Wing, J. M., and Zaremski, A. M. “Miro Tools.” 1989 IEEE Workshop on Visual Languages, 86-91.
 
Heydon, A., Maimone, M. W., Tygar, J. D., Wing, J. M., and Zaremski, A. M. (1990). “Miró: Visual Specification of Security.” IEEE Transactions on Software Engineering, 6(10), 1185-1197.
 
Heydon, A., and Tygar, J. D. “Specifying and Checking Unix Security Constraints.” In UNIX Security Symposium III Proceedings, Berkeley, CA, 211-226.
 
Hoagland, J., and Patel, B. “Specification and Application of Policies for Securing Communication.” 1998 USENIX Security Conference, submitted.
 
Hoagland, J., Pandey, R., and Levitt, K. N. (1998). “Security Policy Specification Using a Graphical Approach.” CSE-98-3, University of California, Davis, Davis, CA.
 
Jajodia, S., Samarati, P., and Subrahmanian, V. S. “A Logical Language for Expressing Authorizations.” , Oakland, CA, 31-42.
 
Kuhnhauser, W. E. “A Paradigm for User-Defined Security Policies.” 1995 IEEE Symposium on Reliable Distribution of Systems, 135-144.
 
Lampson, B. W. “Protection.” Proceedings of the 5th Symposium on Information Sciences and Systems, Princeton University.
 
Maimone, M. W., Tygar, J. D., and Wing, J. M. “Miró Semantics for Security.” 1988 Workshop on Visual Languages, Princeton University, 45-51.
 
Michael, J. B., Sibley, E. H., Baum, R. F., Wexelblat, R. L., and Li, F. “Experiments in Support of Policy Representation.” Proceedings of the International Conference on Economics/Management and Information Technology, Tokyo, Japan, 323-326.
 
Michael, J. B., Sibley, E. H., and Littman, D. C. “Integration of Formal And Heuristic Reasoning as a Basis for Testing and Debugging Computer Security Policy.” Proceedings of the New Security Paradigms Workshop, Los Alamitos, CA, 69-75.
 
Michael, J. B., Sibley, E. H., Baum, R. F., and Li, F. (1993). “On the Axiomation of Security Policy: Some Tentative Observations About Logic Representation.” Database Security, VI: Status and Prospects, B. M. Thuraisingham and C. E. Landwehr, eds., Elsevier Science Publishers, North Holland, 367-386.
 
Michael, J. B., Sibley, E. H., and Lin, T. H. “Designing and Maintaining Intelligent Vehicle Highway System Security Policy.” Proceedings of the First World Congress on Applications of Transport Telematics and Intelligent Vehicle-Highway Systems, 213-220.
 
Miller, D. V., and Baldwin, R. W. “Access control by Boolean Expression Evaluation.” Proceedings Fifth Annual Computer Security Applications Conference, Tucson, AZ, 131-139.
 
Moffett, J. D., and Sloman, S. (1991). “The Representation of Policies as System Objects.” Association for Computing Machinery, 12(2-3), 171-184.
 
Myers, A. C., and Liskov, B. “Complete, Safe Information Flow with Decentralized Labels.” 1998 Symposium on Security and Privacy, Oakland, CA, 186-197.
 
Peri, R. V., and Wulf, W. A. “Formal Specification of Information Flow Security Policies and Their Enforcement in Security Critical Systems.” Proceedings, the Computer Security Foundations Workshop VII, Los Alamitos, CA, 118-125.
 
Peri, R. V., Wulf, W. A., and Kienzle, D. M. “A Logic of Composition for Information Flow Predicates.” Proceedings of the 9th IEEE Computer Security Foundations Workshop, Los Alamitos, CA, 82-94.
 
Polk, W. T. “Approximating Clark-Wilson 'Access Triple' with Basic UNIX Controls.” UNIX Security Symposium IV, 145-154.
 
Sandhu, R. S. “The Typed Access Matrix Model.” Proceedings of the 1992 IEEE Symposium on Security and Privacy, Oakland, CA, 122-136.
 
Sandhu, R. S. (1993). “Lattice-Based Access Control Models.” Computer, 26(11), 9-19.
 
Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. “Role-based access control: a multi-dimensional view.” Proceedings of the 10th Annual Computer Security Applications Conference, Orlando, FL, 54-62.
 
Serban, C., and McMillin, B. “Run-Time Security Evaluation (RTSE) for Distributed Applications.” 1996 IEEE Symposium on Security and Privacy, 222-232.
 
Sibley, E. H., Wexelblat, R. L., Michael, J. B., Tanner, M. C., and Littman, D. C. “The Role of Policy in Requirements Definition.” IEEE International Symposium on Requirements Engineering, Los Alamitos, CA, 277-280.
 
Sinclair, J., and Ince, D. “The Use of Z in Specifying Security Properties.” Proceedings, 7th International Conference on : Putting into practice methods and tools for information system design, Nantes, France, 27-39.
 
Son, S. H., Chaney, C., and Thomlinson, N. P. “Partial Security Policies to Support Timeliness in Secure Real-time Databases.” 1998 Symposium on Security and Privacy, Oakland, CA, 136-147.
 
Steinke, G. (1997). “A Task-Based Approach to Implementing Computer Security.” Journal of Computer Information Systems, Fall, 47-54.
 
Thompson, R. M. “Security Policy, Requirements, and Verification.” 1992 URISA Proceedings, 157-165.
 
Tygar, J. D., and Wing, J. M. “Visual Specification of Security Constraints.” Proceedings of the 1987 Workshop on Visual Languages, 288-301.
 
Varadharajan, V., and Calvelli, C. (1996). “An Access Control Model and its Use in Representing Mental Health Application Access Policy.” IEEE Transactions on Knowledge and Data Engineering, 8(1), 81-95.
 
Woo, T. Y. C., and Lam, S. S. “Authorization in Distributed Systems: A Formal Approach.” 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Los Alamitos, CA, 33-50.
 
Zakinthinos, A., and Lee, E. S. “A General Theory of Security Properties.” 1997 Symposium on Security and Policy, Oakland, CA, 94-102.