Given social media users’ plethora of interactions, appropriately controlling access to such information becomes a challenging task for users. Selecting the appropriate audience, even from within their own friend network, can be fraught with difficulties. PACMAN is a potential solution for this dilemma problem. It’s a personal assistant agent that recommends personalized access control decisions based...
The vehicles typically have a lifetime of several years, possibly even longer than 10 years, over which communication technology will almost certainly evolve dramatically. The challenge of automotive communication platform is to ensure that a radio communication component remains relevant over the entire lifetime of a vehicle. A highly efficient software reconfiguration solution is introduced in this...
The advances in virtual engineering brought about the creation of models of physical systems. This has been enhanced by the use of relevant standards and web technologies to develop interfaces for monitoring and controlling industrial systems at the shop floor or remotely over the internet. However, owing to the open nature of the internet as well as vulnerabilities associated with internet-based...
Healthcare network and computing infrastructure is rapidly changing from closed environments to open environments that incorporate new devices and new application scenarios. Home-based healthcare is such an example of leveraging pervasive sensors and analyzing sensor data (often in real-time) to guide therapy or intervene. In this paper, we address the challenges in regulatory compliance when designing...
In recent years, advances in wireless local area network (WLAN) systems have led to large increases in the transmission speed. The IEEE 802.11ac standard allows for very high transmissions by using multi-user multiple input multiple output (MU-MIMO) techniques in the physical (PHY) layer. However, the transmission efficiency is decreased by the channel state information (CSI) estimation algorithm...
This paper presents results of the ongoing development of the Intercloud Security Framework (ICSF), that is a part of the Intercloud Architecture Framework (ICAF), and provides an architectural basis for building security infrastructure services for multi-cloud applications. The paper refers to general use case of the data intensive applications that indicate need for multi-cloud applications platforms...
Access control policies written in the XACML standard language tend to be complex due to the great variety of attribute types and operations for fine-grained access control. The complexity not only increases the likelihood of having authorization faults in access control policies, but also makes it challenging to find and fix these faults. This paper presents an approach for automating the process...
During the development of the security subsystem of modern information systems, a problem of the joint implementation of several access control models arises quite often. Traditionally, a request for the user's access to resources is granted in case of simultaneous access permission by all active security policies. When there is a conflict between the decisions of the security policies, the issue...
We propose a provenance framework which includes an expressive provenance model able to represent the provenance of any data object captured with various granularities. The model is represented according to relational and graph specifications. The framework is interoperable with two standard provenance models: OPM and PROV. In addition, the framework captures access control policies for data objects...
The complexity of security systems at airports within the United States — indeed, worldwide — has grown significantly over the years in response to increasing threats and regulatory developments. Initially, each airport developed its own security system without recourse to unified standards. The result was a mixed bag of proprietary systems which were typically over budget, poorly integrated, did...
Predicate encryption is a public-key encryption that supports attribute-hiding as well as payload-hiding and achieves high flexibility in terms of access control. Since Katz, Sahai, and Waters first proposed the predicate encryption scheme in 2008, several predicate encryption schemes have been published. Unfortunately these are impractical as they require $O(n)$...
The goal of this paper is to survey access control models, protocols and frameworks in IoT. We provide a literature overview and discuss in a qualitative way the most relevant IoT-related projects over recent years.
Software-defined networking (SDN) allows the insertion of software that manages the network through a centralized controller. While the controller improves network management through features such as network-wide and higher-level abstraction, the urgent requirement of security is still less well-studied. Ravel is a database-defined controller which, like many other SDN controllers, currently exposes...
Cloud computing is an emerging IT paradigm proving cost reduction and flexibility benefits. However security and privacy are serious issues challenging its adoption and sustainability in both social and commercial areas. Public clouds, in particular, present a controversial which is brought up by the need to exchange critical and protected data (even sensitive) between heterogeneous domains that are...
Usage control extends access control by enabling the specification of requirements that should be satisfied before, while and after access. To ensure that the deployment of usage control policies in target domains achieves the required security goals, policy verification and analysis tools are needed. In this paper, we present an approach for the dynamic analysis of usage control policies using formal...
The massive distribution and sharing of images increases the risk of privacy losses. There are several image formats, but one of the most used is JPEG. To take care of this, the JPEG standardization committee is promoting an activity on privacy and security, in order to provide protection at image level. This paper presents a mechanism to improve privacy in JPEG images by adding privacy policies inside...
Motivated by the problem of understanding the difference between practical access control and capability systems formally, we distill the essence of both in a language-based setting. We first prove that access control systems and (object) capabilities are fundamentally different. We further study capabilities as an enforcement mechanism for confused deputy attacks (CDAs), since CDAs may have been...
Authorization in workflow systems is usually built on top of role-based access control (RBAC), security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. Unfortunately, when role administration is distributed and potentially untrusted users contribute to the role assignment process, like in the case of Administrative RBAC...
The article presents a security solution of mapping the RBAC model into Linux kernel systems. The RBAC management model represents an effective concept of mapping user organization structure to access control of computer systems objects. Definition of RBAC model roles allows declaring permitted operations with specified security policy. Based on the roles, system management model provides a comprehensive...
The correct labelling of all information at its point of origin is a critical enabler for effective information access control in modern military systems. If information is not properly labeled it cannot be shared between different communities of interest and coalition partners, which affects the responsibility to share and potentially impedes ongoing military operations. This paper describes two...