English
Related papers

Related papers: Blockaid: Data Access Policy Enforcement for Web A…

200 papers

Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…

Cryptography and Security · Computer Science 2016-12-20 Pierre Bergé , Jason Crampton , Gregory Gutin , Rémi Watrigant

Context: Database-backed applications often run queries with more authority than necessary. Since programs can access more data than they legitimately need, flaws in security checks at the application level can enable malicious or buggy…

Programming Languages · Computer Science 2019-09-27 Ezra Zigmond , Stephen Chong , Christos Dimoulas , Scott Moore

Website fingerprinting attack is an extensively studied technique used in a web browser to analyze traffic patterns and thus infer confidential information about users. Several website fingerprinting attacks based on machine learning and…

Cryptography and Security · Computer Science 2023-02-28 Guodong Huang , Chuan Ma , Ming Ding , Yuwen Qian , Chunpeng Ge , Liming Fang , Zhe Liu

Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views, triggers, and integrity constraints. This is not merely a problem of…

Cryptography and Security · Computer Science 2016-11-18 Marco Guarnieri , Srdjan Marinovic , David Basin

Authorization and access control play an essential role in protecting sensitive information from malicious users. The system is based on security policies to determine if an access request is allowed. However, of late, the growing…

Cryptography and Security · Computer Science 2020-05-15 Tran Khanh Dang , Xuan Son Ha , Luong Khiem Tran

The services of internet place a key role in the daily life by enabling the in sequence from anywhere. To provide somewhere to stay the communication and management in applications the web services has stimulated to multitier design. In…

Cryptography and Security · Computer Science 2014-05-02 C. Venkatesh , D. Nagaraju , T. Sunil Kumar Reddy

Policy enforcers are sophisticated runtime components that can prevent failures by enforcing the correct behavior of the software. While a single enforcer can be easily designed focusing only on the behavior of the application that must be…

Software Engineering · Computer Science 2020-10-14 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani , Yliès Falcone

Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and…

Cryptography and Security · Computer Science 2010-03-25 Srdjan Stankovic , Dejan Simic

To safeguard sensitive user data, web developers typically rely on implicit access-control policies, which they implement using access checks and query filters. This ad hoc approach is error-prone as these scattered checks and filters are…

Software Engineering · Computer Science 2024-12-13 Wen Zhang , Dev Bali , Jamison Kerney , Aurojit Panda , Scott Shenker

Traditional database access control mechanisms use role based methods, with generally row based and attribute based constraints for granularity, and privacy is achieved mainly by using views. However if only a set of views according to…

Databases · Computer Science 2014-07-18 Ugur Turan , Ismail Hakki Toroslu

In general, deep learning models use to make informed decisions immensely. Developed models are mainly based on centralized servers, which face several issues, including transparency, traceability, reliability, security, and privacy. In…

Cryptography and Security · Computer Science 2023-03-28 Asma Jodeiri Akbarfam , Sina Barazandeh , Hoda Maleki , Deepti Gupta

Enforcing data protection and privacy rules within large data processing applications is becoming increasingly important, especially in the light of GDPR and similar regulatory frameworks. Most modern data processing happens on top of a…

Cryptography and Security · Computer Science 2020-08-13 Zsolt Istvan , Soujanya Ponnapalli , Vijay Chidambaram

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that…

Cryptography and Security · Computer Science 2026-01-27 Yi Lyu , Shichun Yu , Joe Catudal

Privacy protection in digital databases does not demand that data should not be collected, stored or used, but that there should be guarantees that the data can only be used for pre-approved and legitimate purposes. We argue that a data…

Computers and Society · Computer Science 2018-04-17 Subhashis Banerjee

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

During the development of the security subsystem of modern information systems, a problem of the joint implementation of several access control models arises quite often. Traditionally, a request for the user's access to resources is…

Cryptography and Security · Computer Science 2018-12-21 S. V. Belim , N. F. Bogachenko , Y. S. Rakitskiy , A. N. Kabanov

Current approaches of enforcing FGAC in Database Management Systems (DBMS) do not scale in scenarios when the number of policies are in the order of thousands. This paper identifies such a use case in the context of emerging smart spaces…

Databases · Computer Science 2020-06-19 Primal Pappachan , Roberto Yus , Sharad Mehrotra , Johann-Christoph Freytag

In today's mobile application marketplace, the ability of consumers to make informed choices regarding their privacy is extremely limited. Consumers largely rely on privacy policies and app permission mechanisms, but these do an inadequate…

Computers and Society · Computer Science 2015-01-05 Steven C. Isley

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the…

Cryptography and Security · Computer Science 2019-02-18 Calum C. Hall , Lynsay A. Shepherd , Natalie Coull

Management of information is an important aspect of every application. This includes, for example, protecting user data against breaches (like the one reported in the news about 50 million Facebook profiles being harvested for Cambridge…

Software Engineering · Computer Science 2021-01-01 David H. Lorenz , Boaz Rosenan