396 Hits in 6.5 sec

Multi-session Separation of Duties (MSoD) for RBAC

David W Chadwick, Wensheng Xu, Sassa Otenko, Romain Laborde, Bassem Nasser
2007 2007 IEEE 23rd International Conference on Data Engineering Workshop  
We propose an approach to expressing MSoD policies in XML and enforcing MSoD policies in a policy controlled RBAC infrastructure.  ...  Separation of duties (SoD) is a key security requirement for many business and information systems. Role Based Access Controls (RBAC) is a relatively new paradigm for protecting information systems.  ...  Acknowledgments The authors would like to thank UK JISC for funding this work under the DyCom project. References  ... 
doi:10.1109/icdew.2007.4401062 dblp:conf/icde/ChadwickXOLN07 fatcat:2n6ijf7z4bgcpepons6hkuigga

Security for Workflow Systems

Vijay Atluri
2001 Information Security Technical Report  
Although some commercial WFMSs such as FlowMark, Lotus Notes and Changengine can support role-based access control, they do not provide support to specify and enforce separation of duties constraints.  ...  In such an approach, the entire workflow is sent to the first task execution agent, which executes its task, and then sends the remaining workflow to the next task execution agent.  ... 
doi:10.1016/s1363-4127(01)00207-2 fatcat:ivpa5blkgzcbvbo34pou5fmw4e

Web Services Enabled E-Market Access Control Model

Harry J. Wang, Hsing K. Cheng, J. Leon Zhao
2004 International Journal of Web Services Research  
Currently, there is a lack of comprehensive approach in access control that can be used to maintain data security in e-markets.  ...  We propose to integrate several known access control mechanisms such as role-based access control, coalition-based access control, and relationship driven access control into an e-market access control  ...  (2001) defined static separation of duty (SSOD) and dynamic separation of duty (DSOD) in the context of role-based access control model.  ... 
doi:10.4018/jwsr.2004010102 fatcat:4xjaiqrayrh4lhuijkygkrz5wa

Using X.509 Attribute Certificates for Role-Based EAM [chapter]

Dongwan Shin, Gail-Joon Ahn, Sangrae Cho
2003 IFIP Advances in Information and Communication Technology  
In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable  ...  Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks.  ...  Acknowledgments This research, performed at the University of North Carolina at Charlotte, was supported by grants from the Electronics and Telecommunications Research Institute.  ... 
doi:10.1007/978-0-387-35697-6_5 fatcat:czd73z6ydrchvpymzoainxs57a

A Survey on Access Control Deployment [chapter]

Vivy Suhendra
2011 Communications in Computer and Information Science  
, and infringement management are required to effectively deploy the model in the particular usage environment.  ...  We aim to give a comprehensive big picture as well as pragmatic deployment details to guide in understanding, setting up and enforcing access control in its real world application.  ...  are met (e.g., whether the access will break critical policies such as separation of duties).  ... 
doi:10.1007/978-3-642-27189-2_2 fatcat:ekgxga5eozby3cov4rq44a2kvm

Security for Enterprise Resource Planning Systems

Wei She, Bhavani Thuraisingham
2007 Information Systems Security  
Many ERP vendors have already integrated their security solution, which may work well internally; while in an open environment, we need new technical approaches to secure an ERP system.  ...  The ERP system is becoming the system with high vulnerability and high confidentiality in which the security is critical for it to operate.  ...  These include the following: Need-to-know policies: These are policies where access is granted based on whether a user needs to know. These policies are enforced in military environments.  ... 
doi:10.1080/10658980701401959 fatcat:puxlijuvwrdyzpwpmloapq6x6u

VM-Flow [chapter]

Ivo J. G. dos Santos, Edmundo R. M. Madeira
2004 IFIP International Federation for Information Processing  
To view a copy of this license, visit : or send a letter to Creative Commons,  ...  For the avoidance of doubt, the content of this report reflects only the opinion of the project consortium members and its authors.  ...  a separation of duties process that starts from the social goals.  ... 
doi:10.1007/1-4020-8155-3_15 fatcat:tdnlcms72rbznjvwphoztdx37y

A Service-Oriented Approach for Network-Centric Data Integration and Its Application to Maritime Surveillance

David Parlanti, Federica Paganelli, Dino Giuli
2011 IEEE Systems Journal  
M This is the author's version of an article that has been published in this journal. Changes were made to this version by the publisher prior to publication.  ...  We have developed a proof-of-concept of the main system capabilities to assess feasibility of our approach and to evaluate how the SAI middleware architecture can fit application requirements for dynamic  ...  ACKNOWLEDGEMENTS This work has been partially carried out in the context of a study funded by SELEX Sistemi Integrati, under the supervision of Agostino Longo.  ... 
doi:10.1109/jsyst.2010.2090610 fatcat:sd3xdwlz3faqvhlzfzl3h2scu4

What makes workflows work in an opportunistic environment?

Ewa Deelman, Tevfik Kosar, Carl Kesselman, Miron Livny
2006 Concurrency and Computation  
In this paper, we examine the issues of workflow mapping and execution in opportunistic environments such as the grid.  ...  In this paper, we focus on the interplay between a workflow mapping component that plans the high-level resource assignments and the workflow executor that oversees the component execution.  ...  It allows the users to specify scheduling policies and enforce priorities.  ... 
doi:10.1002/cpe.1001 fatcat:rudznsmp5rbdtdxehj3vzypooq

Novel Security Conscious Evaluation Criteria for Web Service Composition

Homa Movahednejad, Suhaimi Bin Ibrahim, Mahdi Sharifi, Harihodin Bin Selamat, Arash Habibi Lashkari, Sayed Gholam Hassan Tabatabaei
2014 Research Journal of Applied Sciences Engineering and Technology  
Therefore, the focus of this study is to evaluate the existing approaches based on their applied techniques and QoS aspects.  ...  Web service composition as complex problem solver in service computing has become one of the recent challenging issues in today's web environment.  ...  We wish to thank Mahmoud Danaee for his assistance and constructive suggestions to enhance the quality of this paper.  ... 
doi:10.19026/rjaset.7.304 fatcat:cpmbpbc7irhtzh7gkh4x7ommya

A Policy Language for the Management of Distributed Agents [chapter]

Naranker Dulay, Nicodemos Damianou, Emil Lupu, Morris Sloman
2002 Lecture Notes in Computer Science  
A key issue in managing distributed agents is the provision of effective policy-based frameworks.  ...  In our language policies apply to domains of objects. By changing a policy we change the behaviour of a system.  ...  We gratefully acknowledge the support of the EPSRC for research grants GR/L96103 (SecPol) and GR/M 86019 (Ponds) as well as BT for support on the Alpine project.  ... 
doi:10.1007/3-540-70657-7_6 fatcat:4alki4ilh5bvzaqo7olbt6apby

Database security - concepts, approaches, and challenges

E. Bertino, R. Sandhu
2005 IEEE Transactions on Dependable and Secure Computing  
It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies.  ...  also include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time.  ...  The work of Elisa Bertino is supported in part by the US National Science Foundation under the Project "Collaborative Research: A Comprehensive Policy -Driven Framework For Online Privacy Protection: Integrating  ... 
doi:10.1109/tdsc.2005.9 fatcat:6r3s2k2l25cdpgawjmp3rgtfue

Aspect-Oriented Workflow Languages [chapter]

Anis Charfi, Mira Mezini
2006 Lecture Notes in Computer Science  
Dezember 2006 To my parents, To my wife, To my brother and my sister  ...  , cross-organizational, and heterogeneous environments.  ...  In internal attachment, policy annotations are used in an XML document to directly attach policies to subjects that are defined in that document.  ... 
doi:10.1007/11914853_12 fatcat:w6fjrahnyfefnbn5a7wpnjxazy

Proposed Information Sharing Security Approach for Security Personnels, Vertical Integration, Semantic Interoperability Architecture and Framework for Digital Government

Md. Headayetullah, G.K Pradhan, Sanjay Biswas, B Puthal
2011 International Journal of Computer Science & Information Technology (IJCSIT)  
This approach is a role and cooperation based approach for security personnel of different government departments.  ...  So, currently, an urgent need to convince and approve larger flow of information is in demand along with data sharing among public agencies [7], [8] .  ...  policies; (4) an auditing system which deals with the curation history of every information item; and (5) a origin auditing method that tracks derivations of information in surfeit of time to present  ... 
doi:10.5121/ijcsit.2011.3309 fatcat:a6lp2dknireetmbsmwwjc3cvjy

A Policy-Oriented Language for Expressing Security Specifications

Carlos Ribeiro, Paulo Ferreira
2007 International Journal of Network Security  
We also address the problem of incoherent policies and show how to efficiently enforce the security policies expressed by the language with a security access monitor, implemented in java, including history-based  ...  However, both the policy enforcement and the mapping of unknown users to known entities [28] can be decoupled from the specification; thus, having a single global security policy decoupled from the enforcement  ...  Acknowledgements The authors should like to express their gratitude to Pedro Gama for his value contribute to the development of SPL, to Patricia Lima for the careful review of the paper and to the anonymous  ... 
dblp:journals/ijnsec/RibeiroF07 fatcat:rhns5spsdrbcxipl72rhxkzjoa
« Previous Showing results 1 — 15 out of 396 results