24,229 Hits in 9.0 sec

Modularity and Dynamic Adaptation of Flexibly Secure Systems: Model-Driven Adaptive Delegation in Access Control Management [chapter]

Phu H. Nguyen, Gregory Nain, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon
2014 Lecture Notes in Computer Science  
various delegation features into securitycritical systems; and 3) providing a flexibly dynamic adaptation strategy.  ...  This paper gives a formalization of access control and delegation mechanisms, and analyses the main hard-points for introducing various advanced delegation semantics in Model-Driven Security.  ...  We would like to thank the anonymous referees for their comments and suggestions. This work is supported by the Fonds National de la Recherche (FNR), Luxembourg, under the MITER project C10/IS/783852.  ... 
doi:10.1007/978-3-642-55099-7_4 fatcat:zbt4spp4mvdoxgjeivhoczbhoq

Model-driven adaptive delegation

Phu Hong Nguyen, Gregory Nain, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon
2013 Proceedings of the 12th annual international conference on Aspect-oriented software development - AOSD '13  
business logic as separate concerns; 2) dynamically enforcing/weaving access control policies with various delegation features into security-critical systems; and 3) providing a flexibly dynamic adaptation  ...  We demonstrate the feasibility and effectiveness of our proposed solution through the proof-of-concept implementations of different systems.  ...  Flexible means that different subjects for delegation should be supported, i.e. delegation of roles, specific permissions or obligations.  ... 
doi:10.1145/2451436.2451445 dblp:conf/aosd/NguyenNKMT13 fatcat:pxpjg7ho7vd2biecoqjqv3p67y

Criteria Specifications for the Comparison and Evaluation of Access Control Models

Shabnam Mohammad Hasani, Nasser Modiri
2013 International Journal of Computer Network and Information Security  
Access control is considered as the core of information security and the center of data protection and availability of needs.  ...  Considering the diverse structure, requirements, and specifications of an organization, and taking into account that access control policies and models are available in diverse forms, it is required to  ...  with the different types of access controls.  ... 
doi:10.5815/ijcnis.2013.05.03 fatcat:dbjk2x73qnbcditefywucyzuxa

Using dynamic aspects for delegating fine-grained access rights

Kung Chen
2005 12th Asia-Pacific Software Engineering Conference (APSEC'05)  
This paper shows that a proper combination of instance-level aspects and dynamic deployment can be used to enhance an aspect-based access control system with dynamic and fine-grained delegation effectively  ...  We developed a prototype implementation using the per instance interception mechanism of AspectWerkz. While workable, this mechanism still leaves much to be desired.  ...  Figure 2 depicts their main functions and relationships between them. The delegation manager keeps the permissible delegation records in a system and is operated by the security administrator.  ... 
doi:10.1109/apsec.2005.111 dblp:conf/apsec/Chen05 fatcat:matr3egdrrgslg6nfskelyhij4

Security-driven model-based dynamic adaptation

Brice Morin, Tejeddine Mouelhi, Franck Fleurey, Yves Le Traon, Olivier Barais, Jean-Marc Jézéquel
2010 Proceedings of the IEEE/ACM international conference on Automated software engineering - ASE '10  
Current implementations of access control rely on the separation between the policy and the application code.  ...  Security is a key-challenge for software engineering, especially when considering access control and software evolutions.  ...  The bindings between components from different layers indicates the permissions, and In this section, we showed how the security (access control) concern is composed with a base architecture, to finally  ... 
doi:10.1145/1858996.1859040 dblp:conf/kbse/MorinMFTBJ10 fatcat:wlz4tbsvfzelnigxqdxu3nk3f4

Explicit Delegation Using Configurable Cookies [chapter]

David Llewellyn-Jones, Graeme Jenkinson, Frank Stajano
2017 Lecture Notes in Computer Science  
Password sharing is widely used as a means of delegating access, but it is open to abuse and relies heavily on trust in the person being delegated to.  ...  We conclude that security for the delegator against misbehaviour of the delegatee can only be achieved with the cooperation of the entity offering the service being delegated.  ...  There is a direct relationship between expressiveness and security. 3. There is an inverse relationship between security and trust. 4. Accountability is the precise inverse of plausible deniability.  ... 
doi:10.1007/978-3-319-62033-6_17 fatcat:z53o45j2vbgkxibb3edgo757eu

H-RBAC: A Hierarchical Access Control Model for SaaS Systems

Dancheng Li, Cheng Liu, Binsheng Liu
2011 International Journal of Modern Education and Computer Science  
Access control is a security mechanism that enables an authority to access to certain restricted areas and resources according to the permissions assigned to a user.  ...  So it's more important for SaaS systems to take security issues into account.  ...  ACKNOWLEDGMENT This Work was supported by Natural Science Foundation of Liaoning Province. (No.20092006)  ... 
doi:10.5815/ijmecs.2011.05.07 fatcat:rzmvi47hhvexjfu5uou3s7w4fe

A trust-based security mechanism for nomadic users in pervasive systems [article]

Mohammed Nadir Djedid
2012 arXiv   pre-print
It then becomes necessary to give more autonomy to security systems by providing them with mechanisms that allows a dynamic and flexible cooperation and collaboration between the actors in the system.  ...  In a highly distributed and pervasive system, a uniform and centralized security management is not an option.  ...  The goal of WS-Security is to provide the users with a transparent and flexible authentication protocol, allowing different authentication modes from different organizations to interact.  ... 
arXiv:1212.4373v1 fatcat:c3a3pm5oerfgvaytezx6xj6q5i

Flexible, Decentralized Access Control for Smart Buildings with Smart Contracts [article]

Leepakshi Bindra, Kalvin Eng, Omid Ardakanian, Eleni Stroulia
2020 arXiv   pre-print
In this paper, we describe a methodology that can flexibly and securely manage building access privileges for long-term occupants and short-term visitors alike, taking into account the risk associated  ...  We illustrate the proposed method through a typical application scenario in the context of a real office building and argue that it can greatly reduce the administration overhead, while, at the same time  ...  This method of delegation uses secured hashing to prevent the permission from being forged.  ... 
arXiv:2010.08176v1 fatcat:3qki5iwcqvh6ba2ornlnfznjmy

Policy administration control and delegation using XACML and Delegent

L. Seitz, E. Rissanen, T. Sandholm, B.S. Firozabadi, O. Mulmo
2005 The 6th IEEE/ACM International Workshop on Grid Computing, 2005.  
This allows us to use the delegation capabilities of Delegent together with the expressive access level permissions of XACML.  ...  In this paper we present a system permitting controlled policy administration and delegation using the XACML access control system.  ...  AKNOWLEDGEMENT The authors would like to thank the scientific service of the French embassy in Stockholm for funding the French-Swedish cooperation that led to this work.  ... 
doi:10.1109/grid.2005.1542723 dblp:conf/grid/SeitzRSFM05 fatcat:7odyu2p54bcfpbbsbaru7fc23u

On the Security of Delegation in Access Control Systems [chapter]

Qihua Wang, Ninghui Li, Hong Chen
2008 Lecture Notes in Computer Science  
However, most existing literature focuses on modeling and managing delegations. Little work has been done on understanding the impact of delegation on the security of existing access control systems.  ...  Simply incorporating a delegation module into those systems may cause security breaches. This paper focuses on the security aspect of delegation in access control systems.  ...  We have formally defined the notion of security with respect to delegation. A system that is secure regarding delegation is resistent to collusion.  ... 
doi:10.1007/978-3-540-88313-5_21 fatcat:hlbe6oeeobb6bfkf47fgcozeui

Survey on delegated and self-contained authorization techniques in CPS and IoT

Sreelakshmi Vattaparambil Sudarsan, Olov Schelen, Ulf Bodin
2021 IEEE Access  
Due to the heterogeneous nature of Cyber-Physical Systems and the Internet of Things, several authorization techniques using different access control models, accounts, groups, tokens, and delegations have  ...  Comparison is performed on several parameters such as type of communication, method of authorization, control of expiration, and use of techniques such as public-key certificate, encryption techniques,  ...  There are several methods for 430 interaction between the resource owner and this server.  ... 
doi:10.1109/access.2021.3093327 fatcat:amkmt5e2hbdthhjzzi5bycjlia

Access Control Models

Maria Penelova
2021 Cybernetics and Information Technologies  
Second, they are analyzed and compared by a number of parameters: storing the identity of the user, delegation of trust, fine-grained policies, flexibility, object-versioning, scalability, using time in  ...  Access control is a part of the security of information technologies. Access control regulates the access requests to system resources. The access control logic is formalized in models.  ...  Nodes represent users, the different types of edges represent the different types of relationships between users.  ... 
doi:10.2478/cait-2021-0044 fatcat:jaq65u6lcbdwlae4xlsazje6um

Scalable Role-based Access Control Using The EOS Blockchain [article]

Mohsin Ur Rahman
2020 arXiv   pre-print
This research proposes a scalable, flexible and auditable RBAC system using the EOS blockchain platform to meet the security requirements of organizations.  ...  Our proposed blockchain-based RBAC supports delegation capabilities using gaseless transactions which makes it adoptable and appealing in a large number of application scenarios.  ...  Currently, the General Data Protection Regu-lation (GDPR) protects personal information and it requires resource owners to acquire a user consent to store and manage his/her personal information.  ... 
arXiv:2007.02163v1 fatcat:waj5y7ub45blzi5xqzscizmony

Behavior-based access control for distributed healthcare systems

Mohammad H. Yarmand, Kamran Sartipi, Douglas G. Down
2013 Journal of Computer Security  
The model is generic and flexible in the sense that an access control engine dynamically receives security effective parameters from the subject user, and identifies the privilege level in accessing data  ...  Sensitivity of clinical data and strict rules regarding data sharing have caused privacy and security to be critical requirements for using patient profiles in distributed healthcare systems.  ...  As another example the AssociationConstraint (defined in Appendix A) can be described in a similar manner.  ... 
doi:10.3233/jcs-2012-0454 fatcat:zlbfrfgr4fcmxmuakwx4wbiwmu
« Previous Showing results 1 — 15 out of 24,229 results