The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Nowadays, access control to Web pages relay mostly on identification and authentication. After successful authentication, however, subsequent access may not necessarily be performed by the same user. Aimed at separating identity authentication and behavior authentication in open network environments, this paper proposes an access control method based on the analysis of user behavior in Web browsing...
Patient health records that can be retained on portable devices, require secure and efficient access control. This work presents Proof Carrying Authorization(PCA) for accessing a mobile based health card, which provides an efficient method for data security. Access control over resources is a mechanism by which each client's request is granted access by scrutinizing against the logic of application...
A frequently denominated use case of Industrie 4.0 is plug-and-work. This use case not only requires the technical base to determine how and what information has to be exchanged during the startup of software and hardware components in the production environment, but also deals with very sensitive information which results in a high demand to secure these. In consequence, plug-and-work mechanisms...
With the rapid development of cloud computing, it is attractive for enterprise companies to outsource their data files for sharing in cloud servers, as cloud computing can offer desirable characteristics, such as on-demand self-service, broad network access, and rapid elasticity. However, by uploading data files onto cloud servers, data owners (i.e. the companies) will lose control over their own...
With the recent rapid increase in the number of physical facilities and structures that need to be protected by restricting physical access to them, there has been an explosion in the number and type of physical access control systems being deployed to protect them. However, these systems are quite different from each other and there is no common standard that provides for interoperability between...
Cloud computing, a relatively new concept and has gained an immense attention of research community in the past few years. R&D organizations and industry are investing a lot in cloud based research and applications. Similarly on theconsumers' side organizations are moving their business on cloud to provide flexibility and conceive ever increasing computational power requirements. In spite...
An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose...
The use of smart phones has lately grown by leaps and bounds and the role of a smart phone as a portable computer has been conspicuous. The application programs of smart phones are used in diverse areas such as business planning, banking, blogging, GPS, medical application, and home security. The diversity of such application is seen to be one of factors of the expansion of smart phone users, and...
With the increasing complexity of IT outsourcing environments thousands of servers and their configurations are increasingly managed by globally distributed teams. This requires a flexible identity access management process in place to efficiently provision necessary access rights for a given system, only if users need it, when they need it and for only as long as they need it. In this paper we present...
Access control Systems are used to authenticate and authorize users. For specifying and reasoning about the security properties of access control Systems, many researchers have proposed the use of belief logics. Since authentication protocols are designed to operate in dynamic environments, it is important to model the evolution of access control systems through time. This paper proposes a state logic...
In this paper, we propose a flexible access control mechanism, which integrates domain information and confidence values, for mobile commerce. When user requests an access to the data server, the data server fetches and returns results according to the user's access right. Algorithms demonstrate the flexible access control is effective and flexible.
Access Control is very important in design of MIS and is safe assurance of system. The Role Based Access Control model is presented in this article. On this basis we present a method of information system authority control based on RBAC in web environment.
To conquer the problems existing in access control mechanisms available nowadays, such as how to manage the access authorities of the users and the protected resources, and how to keep the confidential data from visiting and modifying illegally, a new access control mechanism called multi-device TBPM-RBAC (MD-TBPM-RBAC) is proposed in this paper. According to the demand for unified users management...
In existent researches of trustworthiness-based grid access control systems, an important question has not been resolved well: what types of historical behaviors should be chosen to measure trustworthiness. An access control model based on trustworthiness is designed in this paper. To measure trustworthiness of a certain user when he accesses to relevant resource, two types of historical behaviors...
This paper presents a complete workflow security system for Grid Environments. It offers a high level of security, including access control for complex workflows, for various types of operations. This novel architecture also performs complex analyses for incompatible roles and policies at the workflow level. It also keeps track of previous actions and computes a security level for each enlisted user...
In the traditional RBAC model, if users want to access resources in cross-domain must register in the manage domain. When a user visits many manage domains, he can have multiple registration information, there exist the uncertainty and security of using resources. This paper set up a access control model which has a commission mechanism, and make a description of this commission model. At the same...
In this paper, a novel access control scheme based on Bayesian trust network is developed to address to the security services in P2P environments. The trust mechanism is constructed with Bayesian network model, which could describe precise trust degree of the P2P node responding to various operation or access. The model of access control is proposes with Bayesian trust network of P2P members, and...
With the appearance and growing application of open systems such as Internet, delegation is a primary mechanism to enforce access control in such systems. This paper distinguishes two kinds of delegation: authority delegation (AUD) and access delegation (ACD), and proposes a first-order logic system SRDL to capture the features of the two kinds of delegation models. SRDL properly describes AUD and...
Securing access to data in temporal and location-based services and mobile applications requires the definition of temporal and location-based access-control systems. To cope with the temporal and location-based requirements, we propose a Temporal and Location-based RBAC (TLRBAC) model. In the TLRBAC model, temporal-period and spatial-location based entities are used to constrain the permissions of...
Web services over the Internet are widely used nowadays. The problem of secure access to Web-based systems is of great importance naturally. Compared with the existing models, the action-based access control (ABAC) model is the most suitable to control the access on Web services. In this paper, the ABAC model is introduced. Then, the security architecture of ABAC for Web services is proposed. In the...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.