Solving the Access-Control Puzzle: Finding the Pieces and Putting Them Together

摘要

Research in access control ranges from the theoretical to the practical, and often involves the consideration of a variety of questions related to system and model design, analysis, deployment, evaluation, and end-user acceptability. Each of these areas of research in access control contains a wealth of research topics. For instance, the umbrella of theoretical considerations includes a diverse array of topics including access-control models, authorization logics, and cryptographic primitives for enforcing disclosure controls; systems considerations include PKI development and deployment, the design of trustworthy hardware, and trustworthy protocol design and analysis; and user considerations can range from user-interface metaphors and approaches to strategies for evaluating the usability of access-control systems in situ.