Filters








47,268 Hits in 3.2 sec

Information Flow in Credential Systems

Moritz Y. Becker
2010 2010 23rd IEEE Computer Security Foundations Symposium  
This paper proposes a systematic study of information flow in credential-based declarative authorization policies.  ...  Two information flow properties that have been studied in the context of state transition systems, non-interference and opacity, are reformulated in the current context of policy languages.  ...  However, information flow in credential-based policy systems is distinctly different from that in state transition systems and executable programs, which have traditionally been the focus of such research  ... 
doi:10.1109/csf.2010.19 dblp:conf/csfw/Becker10 fatcat:t7dy5saqdzgyteiipkbxeyctlm

Infrastructure Standards for Smart ID Card Deployment

Ramaswamy Chandramouli, Philip Lee
2007 IEEE Security and Privacy  
in the areas of identity information, generation, storage , distribution and usage of different sets of credentials, the methods of capturing of credentials etc.  ...  The design methodology we describe for IS-SCD in this paper has as its basis a business process definition framework built using two credentialing specifications used for large scale smart card deployments  ...  each of the data flows • Identifying the requirements for a global data schema that will capture all the information in all in-flow data flows, provide data integrity and support credential lifecycle  ... 
doi:10.1109/msp.2007.34 fatcat:luep2qhziffypdyxfpajufg2ii

A Credential-Based Data Path Architecture for Assurable Global Networking

Tilman Wolf
2007 MILCOM 2007 - IEEE Military Communications Conference  
We propose a network architecture that uses credentials in the data path to identify, validate, monitor, and control data flows within the network.  ...  The main limitation for achieving information assurance in current data networks lies in absence of security considerations in the original Internet architecture.  ...  Assurance also addresses accountability, resource availability, end-system protection, information leakage, etc.  ... 
doi:10.1109/milcom.2007.4454937 fatcat:csqomfzcljdqrn4hvyczg52y5y

A Calculus for Flow-Limited Authorization

Owen Arden, Andrew C. Myers
2016 2016 IEEE 29th Computer Security Foundations Symposium (CSF)  
These guarantees include noninterference and robust declassification, which prevent attackers from influencing information disclosures in unauthorized ways.  ...  We introduce the Flow-Limited Authorization Calculus (FLAC), which is both a simple, expressive model for reasoning about dynamic authorization and also an information flow control language for securely  ...  Like previous information-flow type systems [18] , FLAC incorporates types for reasoning about information flow, but FLAC's type system goes further by using Flow-Limited Authorization [12] to ensure  ... 
doi:10.1109/csf.2016.17 dblp:conf/csfw/ArdenM16 fatcat:mplpyj3r4bef5ip6ojubabceem

A method for designing secure solutions

J. J. Whitmore
2001 IBM Systems Journal  
functions within the several underlying component architectures found in computing systems, the difficulty in developing a comprehensive set of baseline requirements for security, and a lack of widely  ...  The task of developing information technology (IT) solutions that consistently and effectively apply security principles has many challenges, including: the complexity of integrating the specified security  ...  The closed loop process for an information flow control subsystem is represented in Figure 5 . Identity or credential subsystem.  ... 
doi:10.1147/sj.403.0747 fatcat:xhtry6g7incubcahk7usaz6vcu

The Preliminary Investigation of SSO Protocol for the Suitability of Mission Critical Applications

R. Deeptha, Rajeswari Mukesh
2017 Indian Journal of Science and Technology  
Since traditional banking systems refuse to disclose the user-sensitive information to any third party, the conventional models lack in maintaining the consistent revocation model.  ...  Objective: Single Sign-On (SSO) mechanism mitigates the complexity by providing a single set of login credentials for disparate systems.  ...  RBI validates the received information of the user with the credential information stored in the database in which RBI maintains the control of RBI.  ... 
doi:10.17485/ijst/2017/v10i42/120340 fatcat:m43dfywr5bcjbbqfjbsr4gfnla

Security issues in network virtualization for the future Internet

Sriram Natarajan, Tilman Wolf
2012 2012 International Conference on Computing, Networking and Communications (ICNC)  
., in the credentials cache shown in Figure 4 .4) depends on the number of active flows in a system.  ...  ., OpenFlow [70]) maintain forwarding information for each active flow in a flow table.  ... 
doi:10.1109/iccnc.2012.6167481 dblp:conf/iccnc/NatarajanW12 fatcat:oluiyidpmrcilkay44suyi6ywu

CRAC: Confidentiality risk assessment and IT-infrastructure comparison

Ayse Morali, Emmanuele Zambon, Sandro Etalle, Roel Wieringa
2010 2010 International Conference on Network and Service Management  
The method determines confidentiality risks by taking into account the effects of the leakage of confidential information (e.g. industrial secrets and user credentials), and the paths that may be followed  ...  In this paper we present CRAC, an IT infrastructure-based method for assessing and comparing confidentiality risks of IT based collaborations.  ...  We furthermore limit our assessment to the information assets User Credentials and Business Information. Fig. 2 (a) illustrates two information flow paths of FP UserCredentials in Infrastructure 2.  ... 
doi:10.1109/cnsm.2010.5691222 dblp:conf/cnsm/MoraliZEW10 fatcat:xkdwdzerb5cqtn6t3elkzkav5e

Anonymous Credentials in Web Applications [chapter]

Benjamin Kellermann, Immanuel Scholz
2010 IFIP Advances in Information and Communication Technology  
Web applications dealing with personal data in a privacyfriendly way have the need for anonymous credential systems.  ...  While there are already protocols describing anonymous credential systems and libraries, implementing the protocols, application using the libraries are rare.  ...  Anonymous credentials, presented by Camenisch and Lysyanskaya [2] , provide several features not present in "classic" credential systems.  ... 
doi:10.1007/978-3-642-14282-6_19 fatcat:xccr5ur7vzhgdpjf52wjxho5ae

Open document flow based on blockchane technology for cyber security of the accounting system

Volodymyr Muravskyi, Nadiia Khoma, Larysa Khokhlova, Liu Chengyu
2022 Herald of Economics  
The procedure for using the electronic key system to gain access to confidential accounting information in accordance with the information needs of users and their classification in the enterprise management  ...  flows in order to ensure cybersecurity of enterprises.Methods.  ...  There are also studies on the use of blockchain technology to improve information systems that are informationally related to accounting: Schmitz J. and Leoni G.  ... 
doi:10.35774/visnyk2021.04.156 fatcat:crc6cu3ymvawremerht66w4gvm

Protecting sensitive attributes in automated trust negotiation

William H. Winsborough, Ninghui Li
2002 Proceeding of the ACM workshop on Privacy in the Electronic Society - WPES '02  
We address technical issues with doing this in the context of trust management-style credentials, which carry delegations and enable one attribute to be inferred from others, and in the context where credentials  ...  While unauthorized access to credentials can be denied, sensitive information about the attributes they carry may easily be inferred based on the behavior of negotiators faithfully adhering to proposed  ...  In the current paper, we present an ad hoc study of some of the vulnerabilities of ATN systems to uncontrolled information flow, motivating and extending the approach to this problem taken in [9] .  ... 
doi:10.1145/644527.644532 dblp:conf/wpes/WinsboroughL02 fatcat:2r5un4nrj5dz7ohwhbpliibtny

Authentication protocols for ad hoc networks

Nidal Aboudagga, Mohamed Tamer Refaei, Mohamed Eltoweissy, Luiz A. DaSilva, Jean-Jacques Quisquater
2005 Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks - Q2SWinet '05  
The taxonomy is based upon the role of nodes in the authentication function, establishment of credentials, and type of credentials.  ...  Typically, ad hoc networks are deployed in un-trusted environments. Consequently, authentication is a precursor to any secure interactions in these networks.  ...  Groups are common under UNIX based systems, where persons are grouped into groups that have similar access rights to the system.  ... 
doi:10.1145/1089761.1089777 dblp:conf/mswim/AboudaggaREDQ05 fatcat:l2ae7xi3kzdpvcwvatols3qnhi

Safety in automated trust negotiation

William H. Winsborough, Ninghui Li
2006 ACM Transactions on Privacy and Security  
It treats credentials as potentially sensitive resources, access to which is under policy control. Negotiations that correctly enforce policies have been called "safe" in the literature.  ...  Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive information during this process.  ...  This simplifies matters and is entirely justified because our objective is to ensure that information flow is authorized, not that it is matched by a compensatory flow in the reverse direction.  ... 
doi:10.1145/1178618.1178623 fatcat:naf5rhjnpbaqvlnxdc7x2i72te

Evoking Comprehensive Mental Models of Anonymous Credentials [chapter]

Erik Wästlund, Julio Angulo, Simone Fischer-Hübner
2012 Lecture Notes in Computer Science  
In this paper we explore different ways in which suitable mental models of the data minimization property of anonymous credentials can be evoked on end users.  ...  Anonymous credentials are a fundamental technology for preserving end users' privacy by enforcing data minimization for online applications.  ...  The information in this document is provided "as is", and no guarantee or warranty is given that the information is fit for any particular purpose.  ... 
doi:10.1007/978-3-642-27585-2_1 fatcat:h5dzehwinzcqjbioyqy2kmj6ty

Credential management in event-driven healthcare systems

Jatinder Sing, David M. Eyers, Jean Bacon
2008 Proceedings of the ACM/IFIP/USENIX international middleware conference companion on Middleware '08 Companion - Companion '08  
Health information is sensitive, thus access control is critically important. This paper focuses on the management of credentials in event-driven healthcare environments.  ...  Emerging initiatives in healthcare require the dynamic formation of care teams spanning widely-distributed, heterogeneous infrastructure.  ...  Credentials provide information on principals acting in a system, asserting identity, qualifications and relationships.  ... 
doi:10.1145/1462735.1462746 dblp:conf/middleware/SinghEB08 fatcat:eho3avoukjbjzhrikkui4e3s3i
« Previous Showing results 1 — 15 out of 47,268 results