102,975 Hits in 7.4 sec

The Endpoint Application Execution Control Scheme based on the Whitelist

Chang-Hong Kim, Jeong-Hyun Yi, Jong-Bae Kim
2015 International Journal of Control and Automation  
integrity, media access control, prevention of modification of important files, and control over IP/port attempting for process access or reverse link.  ...  and attacks through exploitation of an application or operating system vulnerability, by implementing a hybrid of technology such as whitelist-based application execution control via authentication of  ...  In the case of media control pre-designated by policy, any attempt of indirect or unapproved accessing to any port (e.g.  ... 
doi:10.14257/ijca.2015.8.4.10 fatcat:wz6aosa2o5e3pe5hokxsuyx7v4

Automatic Policy Generation for Inter-Service Access Control of Microservices

Xing Li, Yan Chen, Zhiqiang Lin, Xiao Wang, Jim Hao Chen
2021 USENIX Security Symposium  
However, the complexity of fine-grained access control policies, along with the large-scale and dynamic nature of microservices, makes the current manual configurationbased access control unsuitable.  ...  This paper presents AU-TOARMOR, the first attempt to automate inter-service access control policy generation for microservices, with two fundamental techniques: (1) a static analysis-based request extraction  ...  of access control policies through a permission graph.  ... 
dblp:conf/uss/LiCLWC21 fatcat:rg5nmeu3cjdf7eqpz5x7jlsnvy

Digital Rights and Freedoms: A Framework for Surveying Users and Analyzing Policies [chapter]

Todd Davies
2014 Lecture Notes in Computer Science  
Evaluating policy frameworks in a comparative analysis based on prior principles may help people to see what is missing and what is important as the future of the Internet continues to be debated.  ...  An analysis of users' rights frameworks that have emerged over the past twenty years similarly shows that such proposals tend to leave out freedoms related to software platforms, as opposed to user data  ...  The user is able to know and to control who else can access their data. Some or all of the following concepts might appear in a privacy control policy. a) Originator-discretionary reading control.  ... 
doi:10.1007/978-3-319-13734-6_31 fatcat:kyzwvijbeba43fj3enogthxiwq

Conviviality-driven access control policy

Donia El Kateb, Nicola Zannone, Assaad Moawad, Patrice Caire, Grégory Nain, Tejeddine Mouelhi, Yves Le Traon
2014 Requirements Engineering  
To bridge the gap between conviviality and security, we propose a methodological framework for updating and adapting access control policies based on conviviality recommendations.  ...  Our methodology integrates and extends existing techniques to assist system designers in the derivation of access control policies from socio-technical requirements of the system, while taking into account  ...  agents to update access control policies.  ... 
doi:10.1007/s00766-014-0204-0 fatcat:wn4s6lmbzvhulnlpfwwd2kd5ey

Policy administration control and delegation using XACML and Delegent

L. Seitz, E. Rissanen, T. Sandholm, B.S. Firozabadi, O. Mulmo
2005 The 6th IEEE/ACM International Workshop on Grid Computing, 2005.  
We have implemented limited XML access control in Delegent, in order to supervise modifications of the XML-encoded XACML policies.  ...  In this paper we present a system permitting controlled policy administration and delegation using the XACML access control system.  ...  AKNOWLEDGEMENT The authors would like to thank the scientific service of the French embassy in Stockholm for funding the French-Swedish cooperation that led to this work.  ... 
doi:10.1109/grid.2005.1542723 dblp:conf/grid/SeitzRSFM05 fatcat:7odyu2p54bcfpbbsbaru7fc23u

Cybersafety Approach to Cybersecurity Analysis and Mitigation for Mobility-as-a-Service and Internet of Vehicles

Chee Wei Lee, Stuart Madnick
2021 Electronics  
Both methods were applied to the Mobility-as-a-Service (MaaS) and Internet of Vehicles (IoV) use cases, focusing on over-the-air software updates feature.  ...  The results were compared with another promising method known as Combined Harm Analysis of Safety and Security for Information Systems (CHASSIS).  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/electronics10101220 fatcat:evbsgpe57fh4beb5wetssxujzm

Access control enforcement testing

Donia El Kateb, Yehia El Rakaiby, Tejeddine Mouelhi, Yves Le Traon
2013 2013 8th International Workshop on Automation of Software Test (AST)  
In this paper, we propose an approach to systematically test and validate the correct enforcement of access control policies in a given target application.  ...  A policy-based access control architecture comprises Policy Enforcement Points (PEPs), which are modules that intercept subjects access requests and enforce the access decision reached by a Policy Decision  ...  The dynamic part of our approach checks the errors of policy enforcement through a trace analysis applied to an original policy and a mutated one.  ... 
doi:10.1109/iwast.2013.6595793 dblp:conf/icse/KatebEMT13 fatcat:ajclpkmcxbgf7hyavwvpk2requ

Session-dependent Usage Control for Big Data

Gabriele Baldi, Yair Diaz-Tellez, Theo Dimitrakos, Fabio Martinelli, Christina Michailidou, Paolo Mori, Oleksii Osliak, Andrea Saracino
2020 Journal of Internet Services and Information Security  
Business strategies are increasingly driven by the integrated analysis of huge volumes of heterogeneous data, coming from different sources such for example social media or Internet of Things devices.  ...  The framework is integrated in Apache Hadoop, a software library which provides the infrastructure for storing, mining and processing large data sets through a collection of open-source software.  ...  We have presented an implementation which combines the UCS with the Apache Ranger access control tool for Hadoop services and demonstrated the viability of the approach with a set of performance experiments  ... 
doi:10.22667/jisis.2020.08.31.076 dblp:journals/jisis/BaldiDDMMMOS20 fatcat:jmc5hmxunzaebpy3i3oxdq4gqm

Towards Adaptive Access Control [chapter]

Luciano Argento, Andrea Margheri, Federica Paci, Vladimiro Sassone, Nicola Zannone
2018 Lecture Notes in Computer Science  
Access control systems are nowadays the first line of defence of modern IT systems.  ...  In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of users abusing their privileges.  ...  Specifically, our goal is to dynamically refine access control policies based on user behaviour monitored at run-time by narrowing granted privileges.  ... 
doi:10.1007/978-3-319-95729-6_7 fatcat:xzkcj7raebczxpqpcadaks2crq

The G-ACM Tool: using the Drools Rule Engine for Access Control Management [article]

João Sá, Sandra Alves, Sabine Broda
2016 arXiv   pre-print
In this paper we explore the usage of rule engines in a graphical framework for visualising dynamic access control policies.  ...  We use the Drools rule engine to dynamically compute permissions, following the Category-Based Access Control metamodel.  ...  In [2] , a framework was presented with the aim of aiding on the specification and analysis of access control policies, based on a metamodel for access control (CBAC) proposed by Barker in [5] , and  ... 
arXiv:1611.08547v1 fatcat:hmh3yh4gqrhqlmmg62ynagt57u

Updated Analysis of Complication Rates Associated With Invasive Diagnostic Procedures After Lung Cancer Screening

Hui Zhao, Ying Xu, Jinhai Huo, A Cole Burks, David E Ost, Ya-Chen Tina Shih
2020 JAMA Network Open  
Open Access. This is an open access article distributed under the terms of the CC-BY License.  ...  Figure 1 . 1 Comparison of Overall Complication Rates Estimated From the Updated Analysis, Previous Analysis, and National Lung Cancer Screening Trial (NLST) and by Type of The bars show the overall incremental  ... 
doi:10.1001/jamanetworkopen.2020.29874 pmid:33326023 pmcid:PMC7745100 fatcat:hg7tuw3xlzdhbdtrluzj4wdtni

Categorizing case-base maintenance: Dimensions and directions [chapter]

David B. Leake, David C. Wilson
1998 Lecture Notes in Computer Science  
that require generalized revisions and addressing them with lazy updating.  ...  Multiple researchers have addressed pieces of the case-base maintenance problem, considering such issues as maintaining consistency and controlling case-base growth.  ...  This policy can be described as having synchronic analysis, ad-hoc timing, o -line execution, and narrow or broad scope.  ... 
doi:10.1007/bfb0056333 fatcat:weeabzkaqzfofgvxjjdyg7k6bq

Usage Control Model Specification in XACML Policy Language [chapter]

Um-e-Ghazia, Rahat Masood, Muhammad Awais Shibli, Muhammad Bilal
2012 Lecture Notes in Computer Science  
In this paper we are suggesting the interpretation of UCON model in extensible access control markup language (XACML) which is an OASIS standard of access control policies.  ...  Usage control model (UCON) is one of the emerging and comprehensive attribute based access control model that has the ability of monitoring the continuous updates in a system making it better than the  ...  Policy repository is a unit in XACML that resides between the PAP and PDP containing the access control policies of corresponding model.  ... 
doi:10.1007/978-3-642-33260-9_5 fatcat:pswynhwrhfhthglmhy7ukm6a2e

Page 1999 of International Pharmaceutical Abstracts Vol. 27, Issue 3 [page]

1990 International Pharmaceutical Abstracts  
Seventy-percent of recommendations made in Phase II were for targeting ther-apy to narrow, cost-effective antibiotics.  ...  Interchange (EDI) is the terminology used for the exchange of information between two or more parties through an ‘electronic medium.’’  ... 

Integrated access control and intrusion detection for web servers

T. Ryutov, C. Neuman, Dongho Kim, Li Zhou
2003 IEEE Transactions on Parallel and Distributed Systems  
This paper describes our experience with integration of the Generic Authorization and Access Control API (GAA-API) to provide dynamic intrusion detection and response for the Apache Web Server.  ...  Current intrusion detection systems work in isolation from access control for the application the systems aim to protect.  ...  This is useful to ensure that a request permitted by the system-wide policy can not fail due to access rejection at the local level. narrow A system-wide policy narrows the access rights so that objects  ... 
doi:10.1109/tpds.2003.1233707 fatcat:nx2mphrah5bmnorfctsddcysji
« Previous Showing results 1 — 15 out of 102,975 results