The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
An attack graph increasingly plays an important role in network security. It shows possible paths of actions consisting of the network vulnerability exploits that can lead to security breaches. Because most attack graphs are very large and complex, much research has focused on how these graphs can be automatically and efficiently generated. However, little has been done on attack graph analysis, namely...
The order in which software components are tested can have a significant impact on the number of stubs required during component integration testing. This paper presents an efficient approach that applies heuristics based on a given software component test dependency graph to automatically generate a test order that requires a (near) minimal number of test stubs. Thus, the approach reduces testing...
Today's numerous online transactions are implemented as composite web services in various domains including business, healthcare, government and education. One important aspect of secured online transactions is privacy protection. This paper addresses privacy issues in composite web service transactions by providing an intelligent semi-automated privacy-aware approach to efficiently building an appropriate...
Advances in Internet and software technology play increasing roles in creating work environments and online services that impact our everyday living. Web service computing paradigm has revolutionized how these software applications can be developed rapidly and reliably by employing available services available in standard forms across the web. Automatic composition of Web services is necessary and...
This paper addresses a fundamental issue of Web service composition. We present a simple but powerful conceptual model that leads to a scalable approach to automatically constructing a composite Web service to meet its requirements by using as few services as possible. Our approach is based on a state space model that has a monotone property to allow efficient search along with efficient algorithms...
Research has successfully applied model checking, a formal verification technique, to automatically generate chains of vulnerability exploits that an attacker can use to reach his goal. Due to the combinatorial explosion of the chain generation problem space, model checkers do not scale well to networks containing a large number of hosts. This paper proposes a methodology that uses a host-centric...
Managing access authorities is critical to the security of information systems. To prevent fraud or abuse due to conflict of interests, a well-known authorization constraint called separation of duty (SoD) is commonly applied. SoD ensures that no single user receives too many authorities. Enforcement of authorization constraints such as SoD in large organizations can be difficult due to the large...
Role-based access control (RBAC) is the most predominant access control model in today's security management due to its ability to simplify authorization, and flexibility to specify and enforce protection policies. In RBAC, Separation of Duty (SoD) constrains user role authorization to protect sensitive information from frauds due to conflicts of interests. SoD constraints are commonly defined by...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.