Messaging and security systems can benefit from using attributes of people and data to route messages and make access decisions. Such information can be extracted from enterprise information systems such as human resources records or labels on data and used to improve the privacy and efficiency of messaging and the management of access permissions to enterprise data resources. This project is developing theory, architectures, and applications for communication and information systems based on automated use and management of attributes.
Publications
Implementing Reflective Access Control in SQL,
Lars E. Olson, Carl A. Gunter, William R. Cook, and Marianne Winslett.
23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec '09), Montreal, QC, July 2009.
PBES: A Policy Based Encryption System with Application to Data Sharing in the Power Grid,
Rakeshbabu Bobba, Himanshu Khurana, Musab AlTurki, andĀ Farhana Ashraf.
ACM Symposium on Information, Computer and Communication Security (ASIACCS '09), Sydney Australia, March 2009.
A Formal Framework for Reflective Database Access Control Policies,
Lars E. Olson, Carl A. Gunter, and P. Madhusudan.
ACM Conference on Computer and Communications Security (CCS '08), Alexandria, VA, October 2008.
PolicyMorph: Interactive Policy Transformations for a Logical Attribute-Based Access Control Framework,
Michael LeMay, Omid Fatemieh, and Carl A. Gunter.
ACM Symposium on Access Control Models And Technologies (SACMAT '07), Sophia Antipolis, France, June 2007. [PPT] [BIB]
Using Attribute-Based Access Control to Enable Attribute-Based Messaging,
Rakesh Bobba, Omid Fatemieh, Fariba Khan, Carl A. Gunter, and Himanshu Khurana.
IEEE Annual Computer Security Applications Conference (ACSAC '06) , Miami, FL, December 2006. [PPT] [BIB]
Using Attribute-Based Access Control to Enable Attribute-Based Messaging
Fariba Khan
MS Thesis, University of Illinois at Urbana-Champaign, 2006. [BIB]
AMPol-Q: Adaptive Middleware Policy to Support QoS
Raja Afandi, Jianqing Zhang, and Carl A. Gunter.
AMPol-Q: Adaptive Middleware Policy to Support QoS
Raja Afandi, Jianqing Zhang, and Carl A. Gunter.
International Conf. on Service Oriented Computing (ICSOC '06), Chicago, Illinois, December, 2006. ACM [BIB]
AMPol: Adaptive Messaging Policy
Raja Afandi, Jianqing Zhang, Munawar Hafiz and Carl A. Gunter
European Conference on web Services (ECOWS '06), Zurich, Switzerland, December, 2006. IEEE. [BIB]
Defeasible Security Policy Composition for Web Services,
Adam J. Lee, Jodie P. Boyer, Lars E. Olson, and Carl A. Gunter.
ACM Formal Methods in Softwware Engineering (FMSE '06), Alexandria, VA, November 2006. [PPT] [BIB]
AMPOL: Adaptive Messaging Policy Based System
Raja N. Afandi
MS Thesis, University of Illinois at Urbana-Champaign, 2005.