| Selected publications |
| Administrative scope: A foundation for role-based administrative models (with G. Loizou). ACM Transactions on Information and System Security, 6(2), 201-231, 2003. |
|
| Specifying and enforcing constraints in role-based access control. In Proceedings of 8th ACM Symposium on Access Control Models and Technologies (SACMAT03), 43-50, 2003. |
|
| On permissions, inheritance and role hierarchies. In Proceedings of 10th ACM Conference on Computer and Communications Security (CCS 2003), 85-92, 2003. |
|
| Understanding and developing role-based administrative models. In Proceedings of 12th ACM Conference on Computer and Communications Security (CCS 2005), 158-167, 2005. |
|
| On key assignment for hierarchical access control (with K. Martin and P. Wild). In Proceedings of 19th Computer Security Foundations Workshop, 98-111, 2006. |
|
| Delegation in role-based access control (with H. Khambhammettu). International Journal of Information Security, 7(2), 123-136, 2008. |
|
| On spatio-temporal constraints and inheritance in role-based access control (with L. Chen). In Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS 08), 205-216, 2008. |
|
| Cryptographically-enforced hierarchical access control with multiple keys. Journal of Logic and Algebraic Programming, 78, 690-700, 2009. |
|
| Set cover problems in role-based access control (with L. Chen). In Proceedings of 14th European Symposium on Research in Computer Security, 689-704, 2009. |
|
| |
| To appear |
| Authorization recycling in RBAC systems (with K. Beznosov, M. Ripeanu and Q. Wei). To appear in ACM Transactions on Information and System Security |
|
| |
| Journal papers |
| A logic of access control (with G. Loizou and G. O'Shea). The Computer Journal, 44(2), 137-149, 2001. |    |
| Authorisation and antichains (with G. Loizou). Operating Systems Review, 35(3), 6-15, 2001. |    |
| The completion of a poset in a lattice of antichains (with G. Loizou). International Mathematical Journal, 1(3), 223-238, 2001. |    |
| Administrative scope: A foundation for role-based administrative models (with G. Loizou). ACM Transactions on Information and System Security, 6(2), 201-231, 2003. |    |
| Access control in a distributed object environment using XML and roles (with H. Khambhammettu). South African Computer Journal, 31, 2-8, 2003. |    |
| RGFGA: An efficient representation and crossover for grouping genetic algorithms (with S. Swift and A. Tucker). Evolutionary Computation, 13(4), 477-500, 2005. |    |
| The interpretation and utility of three cohesion metrics for object-oriented design (with S. Counsell and S. Swift). ACM Transactions on Software Engineering and Methodology, 15(2), 123-149, 2006. |    |
| Applying hierarchical and role-based access control to XML documents. International Journal of Computer Science and System Engineering, 21(5), 325-338, 2006.
|
|
| Delegation in role-based access control (with H. Khambhammettu). International Journal of Information Security, 7(2), 123-136, 2008. |
|
| An access control framework for WS-BPEL (with F. Paci and E. Bertino). International Journal of Web Services Research, 5(3), 20-43, 2008. |
|
| Cryptographically-enforced hierarchical access control with multiple keys. Journal of Logic and Algebraic Programming, 78, 690-700, 2009. |
|
| |
| Conference papers |
| Administrative scope and role hierarchy operations (with G. Loizou). In Proceedings of 7th ACM Symposium on Access Control Models and Technologies (SACMAT02), 145-154, 2002. |
    |
| Specifying and enforcing constraints in role-based access control. In Proceedings of 8th ACM Symposium on Access Control Models and Technologies (SACMAT03), 43-50, 2003. |
    |
| Access control in a distributed object environment using XML and roles (with H. Khambhammettu). In Proceedings of 3rd Annual Information Security South Africa Conference (ISSA 2003), 75-87, 2003. |
    |
| On permissions, inheritance and role hierarchies. In Proceedings of 10th ACM Conference on Computer and Communications Security (CCS 2003), 85-92, 2003. |
    |
| Authorization and certificates: Are we pushing when we should be pulling (with H. Khambhammettu). In Proceedings of the IASTED International Conference on Communication, Network, and Information Security, 62-66, 2003. |
   |
| The consistency of task-based authorization constraints in workflow systems (with K. Tan and C. Gunter). In Proceedings of 17th IEEE Computer Security Foundations Workshop, 155-169, 2004. |
    |
| An algebraic approach to the analysis of constrained workflow systems. In Proceedings of 3rd Workshop on Foundations of Computer Security (FCS'04), 61-74, 2004. |
    |
| Applying hierarchical and role-based access control to XML documents. In Proceedings of ACM Workshop on Secure Web Services 2004, 41-50, 2004. |
    |
| A reference monitor for workflow systems with constrained task execution. In Proceedings of 10th ACM Symposium on Access Control Models and Technologies, 38-47, 2005. |
    |
| ICARUS: Intelligent coupon allocation for retailers using search (with A. Shi, S. Swift and A. Tucker). In Proceedings of 2005 IEEE Congress on Evolutionary Computation, 182-189, 2005. |
    |
| Understanding and developing role-based administrative models. In Proceedings of 12th ACM Conference on Computer and Communications Security, 158-167, 2005. |
    |
| Data structures for constraint enforcement in role-based systems (with H. Khambhammettu). In Proceedings of IASTED International Conference on Communication, Network and Information Security, 140-145, 2005. |
   |
| The secondary and approximate authorization model and its application to Bell-LaPadula policies (with W. Leung and K. Beznosov). In Proceedings of 11th ACM Symposium on Access Control Models and Technologies, 111-120, 2006. |
   |
| On key assignment for hierarchical access control (with K. Martin and P. Wild). In Proceedings of 19th Computer Security Foundations Workshop, 98-111, 2006. |
    |
| Discretionary and mandatory access controls for role-based administration. In Proceedings of 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, 194-208, 2006. |
    |
| Access control and authorization constraints for WS-BPEL (with E. Bertino and F. Paci). In Proceedings of 2006 IEEE International Conference on Web Services, 275-284, 2006. |
   |
| Delegation in role-based access control (with H. Khambhammettu). In Proceedings of 11th European Symposium on Research in Computer Security, 174-191, 2006. |
    |
| The monitorability of service-level agreements for application-service provision (with J. Skene, A. Skene, and W. Emmerich). In Proceedings of Sixth International Workshop on Software and Performance (WOSP 2007), 3-14, 2007. |
   |
| Extended privilege inheritance in RBAC (short paper with M. Dekker, S. Etalle, and J. Cederquist). In Proceedings of 2007 ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'07), 383-385, 2007. |
|
| A certificate-free grid security infrastructure supporting password-based user authentication (with H.W. Lim, K.G. Paterson, and G. Price). In Proceedings of 6th Annual PKI R&D Workshop, 2007. |
|
| Applications of the oriented permission role-based access control model (with L. Chen). In Proceedings of the 26th IEEE International Performance Computing and Communications Conference, 387-394, 2007. |
|
| An improved restricted growth function genetic algorithm for the consensus clustering of retinal nerve fibre data (with S. Swift and A. Tucker). In Proceedings of GECCO 2007, 2174-2181, 2007. | |
| Efficiency updates for the restricted growth function genetic algorithm for grouping problems (poster with S. Swift and A. Tucker). In Proceedings of GECCO 2007, 1536, 2007. |
|
| Inter-domain role mapping and least privilege (short paper with L. Chen). In Proceedings of 12th ACM Symposium on Access Control Models and Technologies, 157-162, 2007. |
|
| Avoiding key redistribution in key assignment schemes (with H. Rowe). In Proceedings of the Fourth International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, 127-140, 2007. |
|
| Cryptographically-enforced hierarchical access control with multiple keys. In Proceedings of the 12th Nordic Workshop on Secure IT Systems, 49-60, 2007. |
|
| What can identity-based cryptography offer to web services? (with H.W. Lim and K.G. Paterson). In Proceedings of the 4th ACM Workshop on Secure Web Services, 26-36, 2007. |
|
| On delegation and workflow execution models (with H. Khambhammettu). In Proceedings of 21st ACM Symposium on Applied Computing, 2137-2144, 2008. |
|
| On spatio-temporal constraints and inheritance in role-based access control (with L. Chen). In Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS 08), 205-216, 2008. |
|
| Delegation and satisfiability in workflow systems (with H. Khambhammettu). In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 31-40, 2008. |
|
| Authorization recycling in RBAC systems (with Q. Wei, K. Beznosov and M. Ripeanu). In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 63-72, 2008. |
|
| RBAC administration in distributed systems (with M. Dekker and S. Etalle). In Proceedings of 13th ACM Symposium on Access Control Models and Technologies, 93-102, 2008. |
|
| Role signatures for access control in open distributed systems (with H.W. Lim). In Proceedings of 23rd International Information Security Conference, 2008. |
|
| Why we should take a second look at access control in Unix. In Proceedings of 13th Nordic Workshop on Secure IT Systems, 2008. |
|
| A framework for enforcing constrained RBAC policies (with H. Khambhammettu). In Proceedings of 2009 IEEE International Conference on Information Privacy, Security, Risk and Trust |
|
| Set cover problems in role-based access control (with L. Chen). In Proceedings of 14th European Symposium on Research in Computer Security, 689-704, 2009. |
|
| Trade-offs in cryptographic implementations of temporal access control. In Proceedings of 14th Nordic Workshop on Secure IT Systems, 72-87, 2009. |
|
| Detecting and countering insider threats: Can policy-based access control help? (with M. Huth). In Proceedings of the 5th International Workshop on Security and Trust Management, 2009. |
|
| |
| Book chapters |
| Information security (with K.G. Paterson, F. Piper and M. Robshaw). In Handbook of Security, 358-379, 2006, Perpetuity Press. | |
| Security for distributed systems: Foundations of access control (with E. Bertino). In Information Assurance: Survivability and Security in Networked Systems, Morgan Kaufmann. | |
| |
| PhD thesis |
| Authorization and Antichains, PhD Thesis, Birkbeck College, University of London, April 2002.
|
|
| |
| Technical reports |
| Evaluating and improving access control (with G. Loizou and G. O'Shea). Technical report BBKCS-99-11, 1999. |    |
| Conflict of interest policies: A general approach (with G. Loizou). Technical report BBKCS-00-07, 2000. |    |
| Two partial orders on the set of antichains (with G. Loizou). Technical report BBKCS-00-09, 2000. |    |
| The structural complexity of conflict of interest policies (with G. Loizou). Technical report BBKCS-00-13, 2000. |    |
| SARBAC: A new model for role-based administration (with G. Loizou). Technical report BBKCS-02-09, 2002. |    |
| On the satisfiability of constraints in workflow systems. Technical report RHUL-MA-2004-1, 2004. |    |
| Understanding and developing role-based administrative models. Technical report RHUL-MA-2005-6, 2005. |    |
| |
| Miscellaneous |
| XML, Information Security Technical Report, 9(3), September 2004. (Editor) | |
| Web Services, Information Security Technical Report, 10(1), March 2005. (Editor) | |