Results 1 -
6 of
6
A.: Towards continuous usage control on grid computational services. In:
- ICAS-ICNS ’05: Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services,
, 2005
"... Abstract ..."
(Show Context)
Fine grained access control with trust and reputation management for globus
- In GADA 2007, To appear Lecture Notes in Computer Science
, 2007
"... Abstract. We propose an integrated architecture, extending a framework for fine grained access control of Grid computational services, with an inference engine managing reputation and trust management credentials. Also, we present the implementation of the proposed architecture, with preliminary per ..."
Abstract
-
Cited by 16 (8 self)
- Add to MetaCart
(Show Context)
Abstract. We propose an integrated architecture, extending a framework for fine grained access control of Grid computational services, with an inference engine managing reputation and trust management credentials. Also, we present the implementation of the proposed architecture, with preliminary performance figures. 1
xesb: An enterprise service bus for access and usage control policy enforcement
- In IFIPTM
, 2010
"... Abstract. Enforcing complex policies that span organizational domains is an open challenge. Current work on SOA policy enforcement splits security in logical components that can be distributed across domains, but does not offer any concrete solution to integrate this security functionality so that ..."
Abstract
-
Cited by 14 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Enforcing complex policies that span organizational domains is an open challenge. Current work on SOA policy enforcement splits security in logical components that can be distributed across domains, but does not offer any concrete solution to integrate this security functionality so that it works across security services for organization-wide policies. In this paper, we propose xESB, an enhanced version of an Enterprise Message Bus (ESB), where we monitor and enforce preventive and reactive policies, both for access control and usage control policies, and both inside one domain and between domains. In addition, we introduce indicators that help SOA administrators assess the effectiveness of their policies. Our performance measurements show that policy enforcement at the ESB level comes with only moderate penalties.
Securing Java with Local Policies
"... Abstract. We propose an extension to the security model of Java. It allows for specifying, analysing and enforcing history-based policies. Policies are defined by finite state automata recognizing the permitted execution histories. Programmers can sandbox an untrusted piece of code with a policy, wh ..."
Abstract
-
Cited by 4 (4 self)
- Add to MetaCart
(Show Context)
Abstract. We propose an extension to the security model of Java. It allows for specifying, analysing and enforcing history-based policies. Policies are defined by finite state automata recognizing the permitted execution histories. Programmers can sandbox an untrusted piece of code with a policy, which is enforced at run-time through its local scope. A static analysis allows for optimizing the execution monitor, that will only check the program points where some security violation may actually occur. 1
A Survey of Usage Control in Computer Security
"... Abstract—Protecting access to digital resources is one of the fundamental problems recognized in computer security. It yet remains a challenging problem to work out starting from the conception till implementation. Access control is a study which deals with the ability to permit or deny the access r ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract—Protecting access to digital resources is one of the fundamental problems recognized in computer security. It yet remains a challenging problem to work out starting from the conception till implementation. Access control is a study which deals with the ability to permit or deny the access rights to a particular resource (object) by a particular entity (subject). The three most widely implemented traditional access control models are Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role Based Access Control (RBAC). Unfortunately, traditional access control solutions are unable to respond adequately to new challenges addressed by modern computer systems. Today highly-distributed, network-connected, heterogeneous and open computing environment needs finegrained, flexible, persistent and continuous protection model of access and usage of digital resources. In this paper, we outline the usage control model [1]–[3], the novel and promising approach for access control in open, distributed, heterogeneous and network-connected computer environment. Usage control model encompasses, systemizes and enhances existing traditional access control models, trust management and digital rights managements in a single framework. Usage control introduces a novel notion of subject’s and object’s attributes mutability and continuity of access decisions. This article surveys the literature on usage control over the period from its birth in 2002 till nowadays. First, we briefly recall existing traditional access control models. We then introduce a conceptual model and formal specification of security policies in usage control model. Later, we present architecture, enforcement mechanisms and implementations. Finally, we summarize usage control research activity. Index Terms—computer security, access control, usage control, security policy, trusted computing, reference monitor. I.
