Related papers: Preliminary steps in designing and implementing a …
The sharing of public key information is central to the digital credential security model, but the existing Web PKI with its opaque Certification Authorities and synthetic attestations serves a very different purpose. We propose a new…
Basic role based access control [RBAC] provides a mechanism for segregating access privileges based upon a user's hierarchical roles within an organization. This model doesn't scale well when there is tight integration of multiple…
Partitioning hypervisor solutions are becoming increasingly popular, to ensure stringent security and safety requirements related to isolation between co-hosted applications and to make more efficient use of available hardware resources.…
In traditional access control policies, every access granted and administrative account introduces an additional vulnerability, as a corruption of a high-privilege user can compromise several sensitive files. Privocracy is an access control…
Access control models have been developed to control authorized access to sensitive resources. This control of access is important as there is now a need for collaborative resource sharing between multiple organizations over open…
A Certificate Authority (CA) provides the critical authentication and security services for Public Key Infrastructure (PKI) which are used for the Internet and wired networks. In MANETs (wireless and ad hoc) there is an inability to offer a…
Public Key Infrastructures (PKIs) with their trusted Certificate Authorities (CAs) provide the trust backbone for the Internet: CAs sign certificates which prove the identity of servers, applications, or users. To be trusted by operating…
Recent progress towards theoretical interpretability guarantees for AI has been made with classifiers that are based on interactive proof systems. A prover selects a certificate from the datapoint and sends it to a verifier who decides the…
The optimization of Precoding Matrix Indicators (PMIs) is crucial for enhancing the performance of 5G networks, particularly in dense deployments where inter-cell interference is a significant challenge. Some approaches have leveraged AI/ML…
Programmable Logic Controllers (PLC) are widely used for industrial automation including safety systems at CERN. The incorrect behaviour of the PLC control system logic can cause significant financial losses by damage of property or the…
In this paper, the idea of client verification in distributed systems is presented. The proposed solution presents a sample system where client verification through cloud resources using input signature is discussed. For different…
LLM agents are increasingly relevant to research domains such as vulnerability discovery. Yet, the strongest systems remain closed and cloud-only, making them resource-intensive, difficult to reproduce, and unsuitable for work involving…
The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…
Traditional authorization policies are user-centric, in the sense that authorization is defined, ultimately, in terms of user identities. We believe that this user-centric approach is inappropriate for many applications, and that what…
Application programming interfaces (APIs) have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This…
Validation is one of the software engineering disciplines that help build quality into software. The major objective of software validation process is to determine that the software performs its intended functions correctly and provide…
The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are…
Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity…
HPC centers face increasing demand for software flexibility, and there is growing consensus that Linux containers are a promising solution. However, existing container build solutions require root privileges and cannot be used directly on…
Cloud-mediated IoT architectures fragment authentication across vendor silos and create latency and availability bottlenecks for cross-vendor device-to-device (D2D) interactions. We present Atlas, a framework that extends the Web public-key…