The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Interest in policy-based approaches to multi-agent and distributed systems has grown considerably in recent years. Policy-based management (PBM) has been proposed in multi-agent systems to deal with coordination and security issues of multi-agent systems according to well-defined system guidelines. Based on the policy-based management mechanism and autonomous intelligent agents, we present a framework...
The GridFTP by Allcock, W. (2003) protocol defines a general- purpose mechanism for secure, reliable, high-performance data movement. GridFTP has been widely used for efficiently transferring large volumes of data. It is based on the Internet FTP protocol and thus involves two communication channels: a control channel and a data channel. The commands and responses flow over the control channel, and...
Security policy validation based on conformance testing is a promising approach, but it lacks both of a fault model and of better test selection procedures. Penetration testing approaches rely on a fault model based on the exploitation of sequences of vulnerabilities. This document proposes a method to generate test purposes to validate the conformance of a system to a security policy using a fault...
Hidden functionality in software is a big problem, because we cannot be sure that the software does not contain malicious code. We conducted an experiment where we studied the relationship between architecture constructs, dynamic behavior and security vulnerabilities. We also studied to what extent architecture analysis tools can assist in detecting security vulnerabilities that are caused by architecture...
We propose an approach to generate and execute tests of the conformance of a system to a given security policy. The method is rule-based: it generates test cases directly from a security policy expressed as a set of security requirements, using two relations: one between predicates appearing in the rules and elementary test cases, called tiles, used to test predicates in the system, and another one...
The three-tier architecture pattern and its variants have been around for a while and there are several discussions of their properties as well as several patterns. None of these discussions considers security. However, several real systems implement this approach including security. We revisit this pattern to explicitly separate and analyze its security aspects.
Accelerated by the rapid deployment of distributed systems and the Internet, online collaboration and information sharing are pervasive in enterprise computing environment. With regard to the requirements of online collaboration and information sharing, authentication information needs flexible manipulation to facilitate federation across trust domains. To achieve identity federation for federated...
Information privacy typically concerns the confidentiality of personal identifiable information (PII) and protected health information (PHI) such as electronic medical records. Thus, the information access control mechanism for e-health services must be embedded with privacy-enhancing technologies. Role-based access control (RBAC) model has been widely investigated and applied to various applications...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.