Abstract:

Controlling Access to Documents: A Formal Access Control Model

Paul E. Sevinç and David Basin


Current access-control systems for documents suffer from one or more of the following limitations: they are coarse-grained, limited to XML documents, or unable to maintain control over copies of documents once they are released by the system. We present a formal model of a system that overcomes all of these restrictions. It is very fine-grained, supports a general class of documents, and provides a foundation for usage control.