English
Related papers

Related papers: Verifying the Interplay of Authorization Policies …

200 papers

A software architecture describes the structure of a computing system by specifying software components and their interactions. Mapping a software architecture to an implementation is a well known challenge. A key element of this mapping is…

Programming Languages · Computer Science 2011-09-14 Damien Cassou , Emilie Balland , Charles Consel , Julia Lawall

During the development of the security subsystem of modern information systems, a problem of the joint implementation of several access control models arises quite often. Traditionally, a request for the user's access to resources is…

Cryptography and Security · Computer Science 2018-12-21 S. V. Belim , N. F. Bogachenko , Y. S. Rakitskiy , A. N. Kabanov

Microservice systems are becoming increasingly adopted due to their scalability, decentralized development, and support for continuous integration and delivery (CI/CD). However, this decentralized development by separate teams and…

Software Engineering · Computer Science 2025-12-01 Connor Wojtak , Darek Gajewski , Tomas Cerny

We demonstrate, by a number of examples, that information-flow security properties can be proved from abstract architectural descriptions, that describe only the causal structure of a system and local properties of trusted components. We…

Cryptography and Security · Computer Science 2016-01-05 Stephen Chong , Ron van der Meyden

We propose a methodology for verifying security properties of network protocols at design level. It can be separated in two main parts: context and requirements analysis and informal verification; and formal representation and procedural…

Cryptography and Security · Computer Science 2013-10-29 Jesus Diaz , David Arroyo , Francisco B. Rodriguez

This paper presents a formal approach to modelling and analysis of data and control flow dependencies between services within remotely deployed distributed systems of services. Our work aims at elaborating for a concrete system, which parts…

Software Engineering · Computer Science 2014-12-12 Maria Spichkova , Heinrich Schmidt

Workflows and role-based access control models need to be suitably merged, in order to allow users to perform processes in a correct way, according to the given data access policies and the temporal constraints. Given a mapping between…

Cryptography and Security · Computer Science 2016-01-12 Carlo Combi , Luca Viganó , Matteo Zavatteri

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

Throughput limitations of existing blockchain architectures are well documented and are one of the most significant hurdles for their wide-spread adoption. In our previous proof-of-concept work, we have shown that separating computation…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-09-13 Alexander Hentschel , Dieter Shirley , Layne Lafrance , Maor Zamski

Grids enable the aggregation, virtualization and sharing of massive heterogeneous and geographically dispersed resources, using files, applications and storage devices, to solve computation and data intensive problems, across institutions…

Software Engineering · Computer Science 2007-07-06 David Manset , Herve Verjus , Richard McClatchey

In this paper, we propose a tool, called DataProVe, for specifying high-level data protection policies and system architectures, as well as verifying the conformance between them in a fully automated way. The syntax of the policies and the…

Cryptography and Security · Computer Science 2020-12-18 Vinh Thong Ta

Traditionally the integration of data from multiple sources is done on an ad-hoc basis for each analysis scenario and application. This is a solution that is inflexible, incurs in high costs, leads to "silos" that prevent sharing data…

Barrier certificates, a form of state invariants, provide an automated approach to the verification of the safety of dynamical systems. Similarly to barrier certificates, recent works explore the notion of closure certificates, a form of…

Systems and Control · Electrical Eng. & Systems 2026-02-16 Mohammed Adib Oumer , Vishnu Murali , Majid Zamani

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

Modeling and analysis of interactions among services is a crucial issue in Service-Oriented Computing. Composing Web services is a complicated task which requires techniques and tools to verify that the new system will behave correctly. In…

Software Engineering · Computer Science 2010-09-21 Gwen Salaün

In model-based reinforcement learning for safety-critical control systems, it is important to formally certify system properties (e.g., safety, stability) under the learned controller. However, as existing methods typically apply formal…

Machine Learning · Computer Science 2023-03-22 Yixuan Wang , Simon Zhan , Zhilu Wang , Chao Huang , Zhaoran Wang , Zhuoran Yang , Qi Zhu

In an open information systems paradigm, real-time context-awareness is vital for the success of cooperation, therefore dynamic security attributes of partners should considered in coalition for avoiding security conflicts. Furthermore, the…

Cryptography and Security · Computer Science 2013-05-09 Ziyi Su , Frederique Biennier

The security discussion around agentic AI focuses heavily on prompt injection. This paper argues that multi-agent systems also create a distinct authorization problem: maintaining authorization invariants as non-human principals retrieve…

Artificial Intelligence · Computer Science 2026-05-08 Krti Tallam

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

Along with the wide-adoption of Serverless Computing, more and more applications are developed and deployed on cloud platforms. Major cloud providers present their serverless workflow services to orchestrate serverless functions, making it…

Software Engineering · Computer Science 2021-01-14 Jinfeng Wen , Yi Liu