English
Related papers

Related papers: Static Enforceability of XPath-Based Access Contro…

200 papers

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the…

Software Engineering · Computer Science 2014-09-12 Asad Ali , Maribel Fernández

XML access control policies involving updates may contain security flaws, here called inconsistencies, in which a forbidden operation may be simulated by performing a sequence of allowed operations. This paper investigates the problem of…

Databases · Computer Science 2007-08-16 Loreto Bravo , James Cheney , Irini Fundulaki

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

Existing methods for verifying access control policies require the policy to be complete and fully determined before verification can proceed, but in practice policies are developed iteratively, composed from independently maintained…

Cryptography and Security · Computer Science 2026-03-16 Alexander V. Gheorghiu

Authorization and access control play an essential role in protecting sensitive information from malicious users. The system is based on security policies to determine if an access request is allowed. However, of late, the growing…

Cryptography and Security · Computer Science 2020-05-15 Tran Khanh Dang , Xuan Son Ha , Luong Khiem Tran

Access control is the enforcement of the authorization policy, which defines subjects, resources, and access rights. Graph-structured data requires advanced, flexible, and fine-grained access control due to its complex structure as…

Cryptography and Security · Computer Science 2024-06-03 Aya Mohamed , Dagmar Auer , Daniel Hofer , Josef Kueng

In large databases, creating user interface for browsing or performing insertion, deletion or modification of data is very costly in terms of programming. In addition, each modification of an access control policy causes many potential and…

Cryptography and Security · Computer Science 2015-06-01 Kambiz Ghazinour , Mehdi Ghayoumi

The ability to enforce robust and dynamic access controls on cloud-hosted data while simultaneously ensuring confidentiality with respect to the cloud itself is a clear goal for many users and organizations. To this end, there has been much…

Cryptography and Security · Computer Science 2016-04-28 William C. Garrison , Adam Shull , Steven Myers , Adam J. Lee

The enforcement of access control policies using cryptography has received considerable attention in recent years and the security of such enforcement schemes is increasingly well understood. Recent work in the area has considered the…

Cryptography and Security · Computer Science 2011-03-07 Jason Crampton

The use of IP filtering to improve system security is well established, and although limited in what it can achieve has proved to be efficient and effective. In the design of a security policy there is always a trade-off between usability…

Networking and Internet Architecture · Computer Science 2007-05-23 Scott Hazelhurst

Graph databases in many applications---semantic web, transport or biological networks among others---are not only large, but also frequently modified. Evaluating graph queries in this dynamic context is a challenging task, as those queries…

Logic in Computer Science · Computer Science 2015-12-18 Pablo Muñoz , Nils Vortmeier , Thomas Zeume

In this paper, we first define a logical theory representing an XML database supporting XPath as query language and XUpdate as modification language. We then extend our theory with predicates allowing us to specify the security policy…

Databases · Computer Science 2014-05-23 Alban Gabillon

The increasing use of graph-structured data for business- and privacy-critical applications requires sophisticated, flexible and fine-grained authorization and access control. Currently, role-based access control is supported in graph…

Cryptography and Security · Computer Science 2023-06-23 Aya Mohamed , Dagmar Auer , Daniel Hofer , Josef Küng

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and…

Cryptography and Security · Computer Science 2015-01-13 Bart van Delft , Sebastian Hunt , David Sands

This thesis describes the theoretical and practical foundations of a system for the static analysis of XML processing languages. The system relies on a fixpoint temporal logic with converse, derived from the mu-calculus, where models are…

Programming Languages · Computer Science 2014-05-27 Pierre Geneves

Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing improper data access, and prior work has proposed many…

Databases · Computer Science 2022-06-02 Wen Zhang , Eric Sheng , Michael Chang , Aurojit Panda , Mooly Sagiv , Scott Shenker

Large Language Models (LLMs) face a fundamental safety-helpfulness trade-off due to static, one-size-fits-all safety policies that lack runtime controllabilityxf, making it difficult to tailor responses to diverse application needs. %As a…

Computation and Language · Computer Science 2026-02-09 Jianfeng Si , Lin Sun , Weihong Lin , Xiangzheng Zhang

Context: Static Application Security Testing (SAST) and Runtime Application Security Protection (RASP) are important and complementary techniques used for detecting and enforcing application-level security policies in web applications.…

Programming Languages · Computer Science 2021-07-16 Angel Luis Scull Pupo , Jens Nicolay , Elisa Gonzalez Boix

The evolving smart and interconnected systems are designed to operate with minimal human intervention. Devices within these smart systems often engage in prolonged operations based on sensor data and contextual factors. Recently, an…

Cryptography and Security · Computer Science 2024-03-18 Tanjila Mawla , Maanak Gupta , Ravi Sandhu

Given a directed graph and a source vertex, the fully dynamic single-source reachability problem is to maintain the set of vertices that are reachable from the given vertex, subject to edge deletions and insertions. It is one of the most…

Data Structures and Algorithms · Computer Science 2020-02-04 Kathrin Hanauer , Monika Henzinger , Christian Schulz
‹ Prev 1 2 3 10 Next ›