3,042 Hits in 6.8 sec

Beyond separation of duty

Ninghui Li, Qihua Wang
2006 Proceedings of the 13th ACM conference on Computer and communications security - CCS '06  
A high-level security policy states an overall requirement for a sensitive task.  ...  One example of a high-level security policy is a separation of duty policy, which requires a sensitive task to be performed by a team of at least k users.  ...  Acknowledgement This work is supported by NSF CNS-0448204 (CAREER: Access Control Policy Verification Through Security Analysis And Insider Threat Assessment), and by sponsors of CERIAS.  ... 
doi:10.1145/1180405.1180449 dblp:conf/ccs/LiW06 fatcat:742u5vekfvbhdepq6mq6tvswim

Beyond separation of duty

Ninghui Li, Qihua Wang
2008 Journal of the ACM  
A high-level security policy states an overall requirement for a sensitive task.  ...  One example of a high-level security policy is a separation of duty policy, which requires a sensitive task to be performed by a team of at least k users.  ...  Acknowledgement This work is supported by NSF CNS-0448204 (CAREER: Access Control Policy Verification Through Security Analysis And Insider Threat Assessment), and by sponsors of CERIAS.  ... 
doi:10.1145/1379759.1379760 fatcat:t3bvmqe7knh7hmjbs5slv75m6q

FTAs as Applicable Law in WTO Dispute Settlement: Was the Appellate Body Wrong in Peru-Additional Duty (DS457)?

Gregory Shaffer, L. Alan Winters
2016 Social Science Research Network  
The same idea holds for an ad valorem duty, but the algebra is slightly messier. .  ...  The second objection to VLs was that E.U. threshold prices were set so high that VLs implied a high level of protectionwith a consequent loss of market access for efficient producers outside Europe.  ... 
doi:10.2139/ssrn.2877813 fatcat:yfvxsbwh75gxrk6czpriwvydbm

The heavy-duty vehicle future in the United States: A parametric analysis of technology and policy tradeoffs

Amanda C. Askin, Garrett E. Barter, Todd H. West, Dawn K. Manley
2015 Energy Policy  
We present a parametric analysis of factors U.S. Class 7-8 trucks through 2050. Conventional diesels will be more than 70% of U.S. heavy-duty vehicles through 2050.  ...  Underlying the study is a vehicle choice and stock model of the U.S. heavy-duty vehicle market. The model is segmented by vehicle class, body type, powertrain, fleet size, and operational type.  ...  Department of Energy's National Nuclear Security Administration under Contract DE-AC04-94AL85000.  ... 
doi:10.1016/j.enpol.2015.02.005 fatcat:v42dclruzrfkph3dkxp5iezrzm

Can Strict Criminal Liability for Responsible Corporate Officers be Justified by the Duty to Use Extraordinary Care?

Kenneth W. Simons
2017 Criminal Law and Philosophy  
The responsible corporate officer (RCO) doctrine is, as a formal matter, an instance of strict criminal liability: the government need not prove the defendant's mens rea in order to obtain a conviction  ...  , and the defendant may not escape conviction by proving lack of mens rea.  ...  levels of negligence-gross, ordinary, or slight.  ... 
doi:10.1007/s11572-017-9431-z fatcat:trgtx3y4nrhdlat5ruzxtnrbj4

Taking the 'I' Out of 'Team': Intra-Firm Monitoring and the Content of Fiduciary Duties

Eric L. Talley
1999 Social Science Research Network  
This observation holds a number of practical implications for both statutory and doctrinal business law.  ...  This article employs a "team-production" account of the firm to investigate the relationship between organizational structure and fiduciary duties.  ...  (In fact, throughout my analysis, I shall adopt a joint-welfare measure in defining an "optimal" level of fiduciary duties).  ... 
doi:10.2139/ssrn.161188 fatcat:wszz6j7k3zcdtewzldq5lagfa4

Using Description Logics in Relation Based Access Control

Rui Zhang, Alessandro Artale, Fausto Giunchiglia, Bruno Crispo
2009 International Workshop on Description Logics  
Separation of Duties (SoD) and some high level security policies about the composition of those subjects on which to separate the duties.  ...  Relation Based Access Control (RelBAC ) is an access control model designed for the new scenarios of access control on Web 2.0.  ...  On top of the cardinality constraints for given duties, the algebra can specify the composition of the users for the SoD which they regard as high-level security policy.  ... 
dblp:conf/dlog/ZhangAGC09 fatcat:icgmuwvzqral5dizxbeg7ofruq

Flexible Security Policies in SQL [chapter]

Steve Barker, Arson Rosenthal
2002 Database and Application Security XV  
We show how a wide variety of role-based access control policies may be formally specified in the stratified subset of clause form logic.  ...  We demonstrate the power of our approach by showing how a variety of access control policies can be represented.  ...  We therefore envisage making use of a high-level poliey speeifieation language which enables a range of aeeess eontrol policies to be formulated, and whieh ean be translated into an implementation of the  ... 
doi:10.1007/978-0-387-35587-0_12 fatcat:luaithhlgfanpimnb5nugybbze

A Process Algebraic Approach to Security Policies [chapter]

Peter Ryan, Ragni Ryvold Arnesen
2003 IFIP Advances in Information and Communication Technology  
By way of illustration we describe a esp formulation of a policy for a clinical trials application drawn for the Framework 5 HARP Project.  ...  We discuss the nature of security policies, particularly those that arise in the context of healthcare informatics, and the kind of mathematical framework needed to describe and reason about them.  ...  Security Policies At the most abstract level, a security policy seeks to regulate the possible behaviours of a system.  ... 
doi:10.1007/978-0-387-35697-6_23 fatcat:semp53ussjdqfck7cvwq4434qa

Requirements for scalable access control and security management architectures

Angelos D. Keromytis, Jonathan M. Smith
2007 ACM Transactions on Internet Technology  
Yet management of security is becoming an increasingly challenging problem, in no small part due to scaling up of measures such as number of users, protocols, applications, network elements, topological  ...  We argue that the key design options to achieve scalability are the choice of the representation of access control policy, the distribution mechanism for policy and the choice of access-rights revocation  ...  Approved for Public Release, Distribution Unlimited.  ... 
doi:10.1145/1239971.1239972 fatcat:y4qamkb24jcslmbtm6topumm6e

Direct static enforcement of high-level security policies

Qihua Wang, Ninghui Li
2007 Proceedings of the 2nd ACM symposium on Information, computer and communications security - ASIACCS '07  
One example of a high-level security policy is a separation of duty policy, which requires a sensitive task to be performed by a team of at least k users.  ...  Recently, Li and Wang [4] proposed an algebra for specifying a wide range of high-level security policies with both qualification and quantity requirements on users who perform a task.  ...  Introduction A high-level security policy states an overall safety requirement for a sensitive task. One well-known highlevel security policy is Separation of Duty (SoD).  ... 
doi:10.1145/1229285.1229315 dblp:conf/ccs/WangL07 fatcat:6tr2ici2wfgr5gt3ljave5pd3u

Using simulation and optimization to inform army force structure reduction decisions

Jason Southerland, Andrew Loerch
2014 Proceedings of the Winter Simulation Conference 2014  
We describe a simulation-based optimization that identifies potential cuts to a large subset of the active duty Army???s total strength. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17.  ...  Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for  ...  ACKNOWLEDGMENTS We would like to thank Tom Spoon, Myles Miyamasu, and COL Scott Nestler at the Center for Army Analysis for the ready provision of their subject matter expertise; Dr.  ... 
doi:10.1109/wsc.2014.7020072 dblp:conf/wsc/SoutherlandL14 fatcat:gct347u5dzc6xibogxsw3ftcoa

Recent Advances in Access Control Models [chapter]

Sushil Jajodia
2003 Lecture Notes in Computer Science  
We also discuss the recent work on policy algebras and subject identity issues in secure federations.  ...  implementations; models that incorporate richer semantics for access control in emerging Internet applications. such as adding provisions; and models for XML documents.  ...  Consequently, an algebra of policies goes a long way in providing conceptual coherence among these policies at a higher abstract level, thereby providing a basis for comparison and determining areas of  ... 
doi:10.1007/978-3-540-45160-0_1 fatcat:t2shtdvjzzavlcwwqnpnyca3i4

A Policy-Oriented Language for Expressing Security Specifications

Carlos Ribeiro, Paulo Ferreira
2007 International Journal of Network Security  
Having a single security model for the whole organization, a single point of management and enforcement with a innumerous set of unknown users, does not scale well.  ...  We also address the problem of incoherent policies and show how to efficiently enforce the security policies expressed by the language with a security access monitor, implemented in java, including history-based  ...  Acknowledgements The authors should like to express their gratitude to Pedro Gama for his value contribute to the development of SPL, to Patricia Lima for the careful review of the paper and to the anonymous  ... 
dblp:journals/ijnsec/RibeiroF07 fatcat:rhns5spsdrbcxipl72rhxkzjoa

A Formal Language for XML Authorisations Based on Answer Set Programming and Temporal Interval Logic Constraints

Sean Policarpio, Yan Zhang
2011 International Journal of Secure Software Engineering  
The language, A xml(T ) , allows for the specification of authorisations on XML documents and distinguishes itself from other research with the inclusion of temporal interval reasoning and the XPath query  ...  Our language has the capacity to reason whether access to an XML document should be allowed.  ...  We provided a semantic definition through the translation of the high level language into an answer set program.  ... 
doi:10.4018/jsse.2011010102 fatcat:rfmaacmp6zdp7oobh2q56j6pay
« Previous Showing results 1 — 15 out of 3,042 results