The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The visual aspect of metamodelling languages is an efficient lever to deal with the complexity of specifying systems. In many application domains, these systems are generally characterized by the sensitivity and criticality of their contents, hence precision and formalism are essential goals. This paper considers the domain of access control specification languages and proposes a metamodelling paradigm...
Many models, methods, techniques, and systems have been developed to preserve the integrity of data and guarantee an acceptable level of security over networks. Protection from illegitimate data access and control of information flow are two main goals. This paper presents new techniques that address two main issues: information protection at various levels of granularity and data flow control We...
We propose a method and a process for legal software requirements extraction and compliance checking. We describe a requirements extraction model, a set of rules for specifying the format of the extracted information, a set of UML-based principles for translating the extracted information into a language based on predicate logic, and finally, a tool that analyzes the resulting logic model and displays...
Web sites usually express their privacy practices in natural language text that is often complex, informal and possibly confusing. The platform for Privacy Preference (P3P) has been proposed by W3C as a technology for expressing privacy practices of web sites in precise, machine readable language. This paper provides an account of the current status of research on P3P and proposes directions for future...
Many access control models have been proposed in the literature, and they have been extensively studied under the acronyms of DAC, MAC, RBAC, ABAC, etc. Each of these models has been studied in isolation, but some real-life situations need elements of several of them, in order to properly express data protection needs of complex organizations. A formal framework is presented, that allows not only...
Traditional security and access control systems, such as MLS/Bell-LaPadula, RBAC are rigid and do not contain automatic mechanisms through which a system can increase or decrease users' access to classified information. Therefore, in this paper, we propose a risk-based decision method for an access control system. Firstly, we dynamically calculate the trust and risk values for each subject-object...
In enterprise environments, the task of assigning access control rights to subjects for resources is not trivial. Because of their complexity, distribution and size, access control policies can contain anomalies such as inconsistencies, which can result in security vulnerabilities. A set of access control policies is inconsistent when, for specific situations different incompatible policies can apply...
We present a model-based approach to extract governance requirements from the law and enterprise regulations, to formal specifications. This is the first step of an end-to-end implemented methodology for validating legal compliance of enterprises to law through logic models. Our UML-based Governance Extraction Model (GEM) is able to extract many legal and enterprise requirements, particularly business...
Some properties of multiprocessing systems, i.e. computing systems in which a set of computational elements share a pool of storage elements are investigated. In particular, the conditions for the output-functionality of these systems are studied, where a computing systems is defined as being output-functional when it produces the same sequence of outputs for the same program, initial state, and input...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.