The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
We proposed a flexible prime number labeling for an evolutionary computing environment. The existing access control environment relies on the server to solve security problems. The current environment has become almost distributed and ubiquitous. This change has spawned the need for light-weight access control by clients, which have a resource limited environment. Existing studies using role-based...
Web services are now widely used in web-based applications. To protect the information in web services, many security specifications have been proposed. Attribute-based Encryption (ABE) provides us a brand new cryptographic primitive for access control. This paper sets out to examine an unexplored area to date - how attribute-based encryption might be used to provide privacy and security for web services...
The current environment has become almost distributed and ubiquitous. This change has spawned the need for light-weight access control by clients, which have a resource limited environment. In this paper, an adaptable light-weight access control scheme is proposed for an evolutionary computing environment. The existing access control environment relies on the server to solve security problems. Existing...
In this paper we describe extensions to the access control industry standards XACML and SAML to enable privacy-preserving and credential-based access control. Rather than assuming that an enforcement point knows all the requester's attributes, our extensions allow the requester to learn which attributes have to be revealed and which conditions must be satisfied, thereby enabling to leverage the advantages...
We propose a novel approach for the collaborative enforcement of security policies in distributed systems that is based on the dynamic (re-) deployment of multiple PDPs. The policies enforced by the collaborating PDPs are analysed and decomposed from a system wide policy as present in current centralized approaches. The security policy is decomposed into sub-policies based on an object domain approach...
Interest in document content security (DCS) has grown rapidly in recent years. SRL integrates data application, security theory with related content, and it can solve many leakages in office automation. It has important applications in many fields such as education information system, enterprise resource management, Electronic government etc. First the research fields and different tasks of DCS are...
XACML has become the de facto standard for expressing access control policy. Similarly, XML security standards, such as XML encryption and XML digital signature, have been widely deployed for protecting the confidentiality, authenticity and integrity of digital information. In this paper we present a framework of using XACML and XML security to support secure, embedded and fine-grained access control...
We describe an access control model that has been implemented in the web content management framework “Deme” (which rhymes with “team”). Access control in Deme is an example of what we call “bivalent relation object access control” (BROAC). This model builds on recent work by Giunchiglia et al. on relation-based access control (RelBAC), as well as other work on relational, flexible, fine-grained,...
Controlling XML data flow has become imperative due to its widespread regarding information exchange between different systems. Controlling XML data falls into two main categories: Securing/Protecting the data and Altering/Adapting the data. While the first one aims at protecting XML data and securing it against theft, the second aims at modifying and adapting the data to satisfy user/application...
OASIS XACML has become a recognized standard for the specification of access control policies, and has specified a generic framework for access control. While the XACML policy language is very flexible for access privileges, there is currently no method to specify the obligations send from a policy decision point (PDP) to a policy enforcement point (PEP) in a generic way. Potential conflicts between...
The security concerns with outsourcing XML databases are well known. In the past few years researchers have proposed solutions to many of the concerns in the current outsourced database model. However one area remains relatively untouched, the securing of queries to outsourced XML databases. Most current research fails to even specify how the user will actually query the outsourced data. Therefore...
Nowadays, a new security problem is arising in intranets. The threats from inside an organization account for a rapidly increasing proportion of losses. A new concept of “File View” is proposed to resolve this security problem in intranets, which uses the structure of database view for reference. Because of the differences between file system and database, there are some challenges in extending this...
At present, emerging possibilities for patients to access their health records or health information may potentially lead to changes within the current health care delivery system from an institution-centered to a patient-centered model and an electronic personal health record (PHR) may greatly influence such a shift. However, the use of PHRs does introduce specific challenges in terms of accidental...
Access control is an effective way to ensure that users have access to information they need with system permissions securely, which has become a significant research problem on security issues recently. In most research areas, the RBAC theory are considered as a popular access control solutions for general-purpose, while lacks the ability to satisfy the specific requirements of the system. In this...
NETCONF is a new protocol as the network becomes more and more complexity, which has a better capability administering lots of devices. However, the large scale network brings some trouble for implementing access control especially when administers need to deploy or update policies on each devices. In this regard, the architecture of centralized access control proxy server based on NETCONF is focused,...
Compliance management is a challenging task affected by continuously increasing legal requirements. Compliance with legal requirements can be assured by the incorporation of control activities into business processes. But the maintenance and monitoring of these control activities is a complex, time-consuming and often manual task. However, the timely communication of control exceptions is an important...
Managing access control policies is a complex task. We argue that much of the complexity is unnecessary and mostly due to historical reasons. There are number of legacy policy specification languages that all have limitations of some kind. These limitations have forced policy implementers to use certain styles of writing policies, often resulting in inconsistencies. The detection and resolution of...
Transition from paper to electronic form has a profound impact on how data is understood, managed and processed. While issues related to data sustainability, usability, accessibility, interoperability and integrity have already been addressed in the past, confidentiality labeling is becoming important research topic. How to protect classified data is a subject of organizational rules and technical...
The prevalent use of XML highlights the need for a generic, flexible access-control mechanism for XML documents that supports efficient and secure query access, without revealing sensitive information to unauthorized users. The focus of access control in client/server environment is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources...
Whereas access control describes the conditions that have to be fulfilled before data is released, usage control describes how the data has to be treated after it is released. Usage control can be applied to digital rights management, where the data are usually copyright-protected media, as well as in privacy, in which case the data are privacy-sensitive personal information. An important aspect of...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.