A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Information Flow Audit for Transparency and Compliance in the Handling of Personal Data
2016
2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW)
Preserved Fulltext
In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual duty, and survey potential ...
We explore the use of IFA for such a purpose through a smart electricity metering use case derived from a French Data Protection Agency recommendation. ...
Acknowledgement This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 CloudSafetyNet: End-to-End Application Security in the Cloud. ...
doi:10.1109/ic2ew.2016.29
dblp:conf/ic2e/PasquierE16
fatcat:qjp2zgnxu5huxnvcdowat6pkty
Towards Compliance and Accountability: a Framework for Privacy Online
2009
Journal of Computers
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL.
The file type is application/pdf.
While "access control" is well understood, how to achieve "usage control" is still unclear. In the online environment, information is easily copied or delivered. ...
UCON ABC , as the next generation of access control, is inadequate to cover the entire privacy information life cycle. ...
Information accountability means the use of information should be transparent so it is possible to determine whether a particular use is appropriate under a given set of predefined rules and that the system ...
doi:10.4304/jcp.4.6.494-501
fatcat:csyeg6zgzrbzfj7lde3n3yvvhy
A Responsible Internet to Increase Trust in the Digital World
2020
Journal of Network and Systems Management
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
of other users by improving the transparency, accountability, and controllability of the Internet at the network-level. ...
We believe that a responsible Internet is the next stage in the evolution of the Internet and that the concept is useful for clean slate Internet systems as well. ...
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long ...
doi:10.1007/s10922-020-09564-7
fatcat:fogj7wp6lnb6rotyjbune2xuwy
Practical information flow for legacy web applications
2013
Proceedings of the 8th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems - ICOOOLPS'13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
To enforce a policy, LabelFlow tracks the propagation of information throughout the application, transparently and efficiently, both in the PHP runtime and through persistent storage. ...
We used LabelFlow to add and enforce access control policies in three popular realworld large scale web applications: MediaWiki, Wordpress and OpenCart. ...
Label-based information flow, in particular, uses a set of labels to represent security levels and to track the flow of information. ...
doi:10.1145/2491404.2491410
dblp:conf/ecoop/ChinisPIA13
fatcat:td6qyfthtbeu7clqc3p2fid2y4
Raksha
2007
Proceedings of the 34th annual international symposium on Computer architecture - ISCA '07
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
First, it supports flexible and programmable security policies that enable software to direct hardware analysis towards a wide range of high-level and low-level attacks. ...
This paper proposes Raksha, an architecture for software security based on dynamic information flow tracking (DIFT). ...
Recent research has established dynamic information flow tracking (DIFT) [9, 17] as a promising platform for detecting a wide range of security attacks. ...
doi:10.1145/1250662.1250722
dblp:conf/isca/DaltonKK07
fatcat:6ve3ir4yq5epxh5dkq5oqtmhma
Raksha
2007
SIGARCH Computer Architecture News
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
First, it supports flexible and programmable security policies that enable software to direct hardware analysis towards a wide range of high-level and low-level attacks. ...
This paper proposes Raksha, an architecture for software security based on dynamic information flow tracking (DIFT). ...
Recent research has established dynamic information flow tracking (DIFT) [9, 17] as a promising platform for detecting a wide range of security attacks. ...
doi:10.1145/1273440.1250722
fatcat:gdo5x6x7xrdgje3tq44pt6ohxu
Information Flow Monitor Inlining
2010
2010 23rd IEEE Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We show how to inline an information flow monitor, specifically a flow sensitive one previously proved to enforce termination insensitive noninterference. ...
In recent years it has been shown that dynamic monitoring can be used to soundly enforce information flow policies. ...
Acknowledgments: Ale Russo and Andrei Sabelfeld kindly shared drafts of their work and discussed it with us. Cormac Flanagan shared unpublished work on "no sensitive upgrade". ...
doi:10.1109/csf.2010.21
dblp:conf/csfw/ChudnovN10
fatcat:6lcqykyuonb5daxgtfk6yhqcqu
A roadmap for comprehensive online privacy policy management
2007
Communications of the ACM
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2009; you can also visit the original URL.
The file type is application/pdf.
Information technology advances are making Internet and Web-based system use the common choice in many application domains, ranging from business to healthcare to scientific collaboration and distance ...
Finally, endusers must be able to easily understand privacy policies [AEB04] and need effective, transparent and comprehensible online privacy-protection mechanisms. ...
Middle tier (security policies): In this layer, traditional security policies, e.g., those governing authentication, access control and information flow are needed to enforce high-level privacy policies ...
doi:10.1145/1272516.1272522
fatcat:optjvlmf2zg4pllr2nm4ll7tza
Camflow: Managed Data-Sharing for Cloud Services
2017
IEEE Transactions on Cloud Computing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. ...
In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...] ...
ACKNOWLEDGMENTS This work was supported by UK Engineering and Physical Sciences Research Council grant EP/K011510 Cloud-SafetyNet: End-to-End Application Security in the Cloud. ...
doi:10.1109/tcc.2015.2489211
fatcat:bytla3mpwfhwjgr52yqj5ghewm
Building an Application-Aware IPsec Policy System
2007
IEEE/ACM Transactions on Networking
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The end-to-end security services provided by IPsec have not been widely used. To bring the IPsec services into wide usage, a standard IPsec API is a potential solution. ...
The experimental results show that the overhead of policy translation is insignificant, and the overall system performance of the enhanced IPsec is comparable to those of security mechanisms at upper layers ...
This technique may move us toward a more secure Internet, allowing users to create an environment where message privacy is the default. ...
doi:10.1109/tnet.2007.896536
fatcat:el7dsxlksncnxpknwfdnr7ikxe
Information Flow Control for Secure Cloud Computing
2014
IEEE Transactions on Network and Service Management
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Security concerns are widely seen as an obstacle to the adoption of cloud computing solutions. Information Flow Control (IFC) is a well understood Mandatory Access Control methodology. ...
Index Terms-Cloud, data security, information flow, information flow control (IFC). ...
For each, we discuss the typical approaches used to secure them. We then introduce Information Flow Control and discuss cross-cutting legal and security concerns.
A. ...
doi:10.1109/tnsm.2013.122313.130423
fatcat:oczijxwkfvdtrgar6nvab4ypem
Inlined Information Flow Monitoring for JavaScript
2015
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Extant security mechanisms for web apps, notably the "sameorigin policy", are not sufficient to achieve confidentiality and integrity goals for the many apps that manipulate sensitive information. ...
Researchers are exploring dynamic information flow controls (IFC) for JavaScript, but there are many challenges to achieving strong IFC without excessive performance cost or impractical browser modifications ...
Like language semantics, APIs need to be mediated too: They often involve complex control flows and information flows, and they need to be instrumented to work with boxes. ...
doi:10.1145/2810103.2813684
dblp:conf/ccs/ChudnovN15
fatcat:zdvqrhvq4vf75pz3t2ehclu75q
The Transitivity of Trust Problem in the Interaction of Android Applications
[article]
2012
arXiv
pre-print
Preserved Fulltext
The Internet Archive has a preservation copy of this work in our general collections.
The file type is application/pdf.
Instead, the information flow needs to be policed for the composite system of applications in a transparent and usable manner. ...
Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. ...
This kind of language-based security analysis is limited to the use of annotations by programmers at the source-code level. ...
arXiv:1204.1458v1
fatcat:ugbmbbqgb5gm3a2mlgfdej6lbm
Decision Provenance: Harnessing Data Flow for Accountable Systems
2019
IEEE Access
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
A key reason for this is because the details and nature of the information flows that interconnect and drive systems, which often occur across technical and organisational boundaries, tend to be invisible ...
Decision provenance entails using provenance methods to provide information exposing decision pipelines: chains of inputs to, the nature of, and the flow-on effects from the decisions and actions taken ...
Towards this, standardisation, verification, attestation, and secure logging mechanisms will all be relevant.
B. ...
doi:10.1109/access.2018.2887201
fatcat:bx57wrrunna5nfzdqvsqjz3piy
Are Blockchain-based Systems the Future of Project Management? A Preliminary Exploration
2020
The Journal of British Blockchain Association
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Five constructs emerge: transparency, control, dynamic status updating, incentives, and trust. ...
Blockchain technologies have introduced a platform for a new wave of project management systems, providing managers with a range of characteristics, capabilities, and feature sets to aid their practice ...
Acknowledgements: The authors would like to thank Enterprise Ireland, University College Cork, the JBBA, and all the participants that contributed to the study. ...
doi:10.31585/jbba-3-2-(2)2020
fatcat:ecjzysalyff7tgdlgrnzentt6e
« Previous
Showing results 1 — 15 out of 54,845 results