103,289 Hits in 5.1 sec

Usage Control Enforcement - A Survey [chapter]

Åsmund Ahlmann Nyre
2011 Lecture Notes in Computer Science  
This paper surveys the previous efforts on providing usage control enforcement and analyses the general strengths and weaknesses of these approaches.  ...  Usage Control has been proposed to achieve this by combining and extending traditional access control, Digital Rights Management and various encryption schemes.  ...  Four different DRM technologies are analysed and compared to a set of general usage control enforcement capabilities.  ... 
doi:10.1007/978-3-642-23300-5_4 fatcat:wian4fzavjfwzg462uczyhrjia

Jalapa: Securing Java with Local Policies

Massimo Bartoletti, Gabriele Costa, Roberto Zunino
2009 Electronical Notes in Theoretical Computer Science  
Usage automata are expressive enough to allow programmers specify of many real-world usage policies; yet, they are simple enough to permit formal reasoning.  ...  Programmers can sandbox untrusted pieces of code with usage policies. The Jalapa tool rewrites the Java bytecode by adding the hooks for the mechanism that enforces the given policies at run-time.  ...  The challenge is to improve the expressive power of usage policies, while keeping them clean and formally sound.  ... 
doi:10.1016/j.entcs.2009.11.020 fatcat:5fsqdkt37fdqvdai6jxgsc5cue

Representation-Independent Data Usage Control [chapter]

Alexander Pretschner, Enrico Lovat, Matthias Büchler
2012 Lecture Notes in Computer Science  
The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data  ...  In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data.  ...  PR 1266/1-1 as part of the priority program SPP 1496, "Reliably Secure Software Systems." Florian Kelbert provided valuable comments.  ... 
doi:10.1007/978-3-642-28879-1_9 fatcat:i2niupcmpzgylmfmbbwvobkpsy

Modelling Fine-Grained Access Control Policies in Grids

Benjamin Aziz
2015 Journal of Grid Computing  
This paper presents an abstract specification of an enforcement mechanism of usage control for Grids, and verifies formally that such mechanism enforces UCON policies.  ...  We abstract the specification of the enforcement mechanism from current implementations of usage control for Grids.  ...  of an enforcement mechanism for usage control policies.  ... 
doi:10.1007/s10723-015-9351-x fatcat:t74xarutbrc7fba7vt2gbrz3lq

Securing Java with Local Policies

Massimo Bartoletti, Gabriele Costa, Pierpaolo Degano, Fabio Martinelli, Roberto Zunino
2009 Journal of Object Technology  
We propose an extension to the security model of Java, that allows for specifying, analysing and enforcing history-based usage policies.  ...  Policies are defined by usage automata, that recognize the forbidden execution histories.  ...  In the setting of usage control, finite-state policies are typically enough; using more powerful formalisms, e.g. pushdown automata, would add a marginal practical gain, at the cost of more complex enforcement  ... 
doi:10.5381/jot.2009.8.4.a1 fatcat:hgwi6kyymbhvlfdtsen6liwuv4

Usage Management in Cloud Computing

Pramod A. Jamkhedkar, Christopher C. Lamb, Gregory L. Heileman
2011 2011 IEEE 4th International Conference on Cloud Computing  
enforcement of usage policies.  ...  This paper introduces the notion and importance of usage management in cloud computing.  ...  The analyses include application of well-known principles of system design and standards [7] , [8] , [9] , research developments in the areas of usage control [5] , [6] , policy languages design principles  ... 
doi:10.1109/cloud.2011.112 dblp:conf/IEEEcloud/JamkhedkarLH11 fatcat:7r5znn6n7nf5nbdkbohcxi5wlq

Formal Verification of Usage Control Models: A Case Study of UseCON Using TLA+

Antonios Gouglidis, Christos Grompanopoulos, Anastasia Mavridou
2018 Electronic Proceedings in Theoretical Computer Science  
Usage control models provide an integration of access control, digital rights, and trust management.  ...  In this paper, we elaborate on a case study, where we express the high-level functional model of the UseCON usage control model in the TLA+ formal specification language, and verify its correctness for  ...  capture properties of specific access and usage control policies. values are assigned to them.  ... 
doi:10.4204/eptcs.272.5 fatcat:t4o22axb6jg3belcpvcfdon7ue

Characteristics of Antimicrobial Stewardship Programs at Veterans Affairs Hospitals: Results of a Nationwide Survey

Ann F. Chou, Christopher J. Graber, Makoto Jones, Yue Zhang, Matthew Bidwell Goetz, Karl Madaras-Kelly, Matthew Samore, Allison Kelly, Peter A. Glassman
2016 Infection control and hospital epidemiology  
responding facilities, 29 (22%) had a formal policy establishing an ASP, and 12 (9%) had an approved ASP business plan.  ...  as frequency of systematic patient-level reviews of antimicrobial use (P=.01) and having a policy to address antimicrobial use in the context ofClostridium difficileinfection (P=.01).  ...  usage, systematic review of patient-level antimicrobial usage, and a policy to limit antimicrobial usage in patients diagnosed with CDI.  ... 
doi:10.1017/ice.2016.26 pmid:26905338 fatcat:zligrrjbfffl7cmlub3fmidmhm

Concurrent Enforcement of Usage Control Policies

Helge Janicke, Antonio Cau, François Siewe, Hussein Zedan
2008 2008 IEEE Workshop on Policies for Distributed Systems and Networks  
Policy-based approaches to the management of systems distinguish between the specification of requirements, in the form of policies, and their enforcement on the system.  ...  We propose a technique for enforcing policies concurrently based on the static analysis of dependencies between policies.  ...  the constraints of the controller for the individual usage processes, the dependencies between usage processes can be statically analysed.  ... 
doi:10.1109/policy.2008.44 dblp:conf/policy/JanickeCSZ08 fatcat:3djgt5eumfaoxnrefpsqly3pxi

Self-Adaptive Authorization Framework for Policy Based RBAC/ABAC Models

Christopher Bailey, David W. Chadwick, Rogerio de Lemos
2011 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing  
SAAF relies on a feedback control loop to monitor decisions (by policy decision points) of a target authorization infrastructure.  ...  These decisions are analysed to form a view of the subject's behaviour to decide whether to adapt the target authorization infrastructure.  ...  Usage Control Usage Control (UCON) [5] is an extension to the traditional access control model.  ... 
doi:10.1109/dasc.2011.31 dblp:conf/dasc/BaileyCL11 fatcat:4tul5n23bve3naed57ov6ditr4


M. Amsaveni
2018 International Journal of Advanced Research in Computer Science  
In order to handle implication of this study, we plan to propose an Ensemble operator on the Fine grained access control through Time, Location and Profile constrainst on the access policy to the attribute  ...  In this notion, expensive access policy generation for decryption of the cipher text is offloaded to the cloud to some extent.  ...  We formally prove the security of HASBE on security of the ciphertext-policy attribute-based encryption (CP-ABE) scheme by analyzing its performance and computational complexity.  ... 
doi:10.26483/ijarcs.v9i3.6118 fatcat:5cg7ewgzbjemtdaojlsr7mm75e

ISO 17799 and Australian Healthcare Organisations [chapter]

W. J. Brooks, M. J. Warren, W. Hutchinson
2003 Security and Privacy in the Age of Uncertainty  
The aim of this paper is to look at the effectiveness of the health information security standard and the development of infonnation security within the Australian healthcare industry.  ...  However. financial and operational constraints often exist which influence the practicality of developing a secure system.  ...  Even though computer viruses are a major concern among Victorian hospitals, only 62% of respondents that allow staff Internet access have a formal written policy on internet usage in place.  ... 
doi:10.1007/978-0-387-35691-4_39 fatcat:y6obpvwl7zc2vawyboj7v36swa

Developing and Enforcing Policies for Access Control, Resource Usage, and Adaptation [chapter]

Andrea Margheri, Massimiliano Masi, Rosario Pugliese, Francesco Tiezzi
2014 Lecture Notes in Computer Science  
Policy-based software architectures are nowadays widely exploited to regulate different aspects of systems' behavior, such as access control, resource usage, and adaptation.  ...  To overcome such difficulties, we advocate the use of FACPL, a formal policy language inspired to but simpler than XACML.  ...  The policy language FACPL can indeed be used to develop policies controlling various aspects of information systems, ranging from access control to resource usage and adaptation.  ... 
doi:10.1007/978-3-319-08260-8_6 fatcat:vfcd6gtllnbbdip5vujqrbl4im

Enforcing Scientific Data Sharing Agreements

Michael Wilson, Shirley Crompton, Brian Matthews, Alexey Orlov
2011 2011 IEEE Seventh International Conference on eScience  
Keywords-controlled natural language; scientific data management policies; policy based management; formal model checking; policy usability; formal methods usability. I.  ...  Institutional data sharing policies will be required to encapsulate the response of individual institutions to these pressures.  ...  In an automated system a broader range of formal analyses for different properties [18] can be modeled and those models formally checked.  ... 
doi:10.1109/escience.2011.45 dblp:conf/eScience/WilsonCMO11 fatcat:omtwwlfuovdazku3c24ld4vhsm

D1.3 - Policy, transparency and compliance guidelines V1

Piero Bonatti, Sabrina Kirrane, Rigo Wenning
2017 Zenodo  
This document includes details on the policy and transparency considerations of the use case, and the compliance requirements against policies.  ...  Semantics of the usage policy language The encoding of usage policies into OWL2 provides a formal semantics to the policy language via the direct (model theoretic) semantics of OWL2, which is based on  ...  usage control policies specified by data subjects, and legal obligations specified in the GDPR.  ... 
doi:10.5281/zenodo.2549531 fatcat:qnqbkvcfqzgvtgkc5r5t2upmgq
« Previous Showing results 1 — 15 out of 103,289 results