The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
It is hard to judge whether one subject is to be trusted where federation identity management only focuses on identity trust achieved by credentials the subject hold. So we propose a behavior trust-based federation identity management mechanism. The trust value was modified according to the subjectpsilas behavior and it will be employed in identity management procedure including identity mapping and...
Managing information risk means building risk analysis into every business decision. Chief information security officers widely agree that action plans must include risk categorization, communication, and measurement.
In providing the infrastructure for the accomplishment of general purpose computational grids the main concern is security. Still, by properly authenticating users and hosts and in the interactions between them, most grid implementations focus their safety concerns. The effective and competent exploitation of grid computing services needs sophisticated and secured resource management systems. The...
Software security testing tools and methodologies are presently abundant, and the question no longer seems to be "if to test" for security, but rather "where and when to test" and "then what?". In this paper we present a review of security testing literature, and propose a software security testing scheme that exploits an intra-organisational repository of discovered...
We present a new approach for mutation analysis of security policies test cases. We propose a metamodel that provides a generic representation of security policies access control models and define a set of mutation operators at this generic level. We use Kermeta to build the metamodel and implement the mutation operators. We also illustrate our approach with two successful instantiation of this metamodel:...
Due to the increasing complexity of Web systems, security testing is becoming a critical activity to guarantee the respect of such systems to their security requirements. To challenge this issue, we rely in this paper on model based active testing. We first specify the Web system behavior using IF formalism. Second, we integrate security rules -modeled in Nomad language- within this IF model using...
Accelerated by the rapid deployment of distributed systems and the Internet, online collaboration and information sharing are pervasive in enterprise computing environment. With regard to the requirements of online collaboration and information sharing, authentication information needs flexible manipulation to facilitate federation across trust domains. To achieve identity federation for federated...
Information privacy typically concerns the confidentiality of personal identifiable information (PII) and protected health information (PHI) such as electronic medical records. Thus, the information access control mechanism for e-health services must be embedded with privacy-enhancing technologies. Role-based access control (RBAC) model has been widely investigated and applied to various applications...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.