Related papers: Event Systems and Access Control
The MIS data is critical to an organization and should be protected from misuse by wrong persons. Although The MIS data is typically meant for the senior managers each MIS report may not be required by every manager. The access to MIS data…
Consequences of the basic and most evident consistency requirement-that measured events cannot happen and not happen at the same time-are shortly reviewed. Particular emphasis is given to event forecast and event control. As a consequence,…
This article analyzes trust and security in computing and communications systems. While in human-life, trust usually has some kind of commonly understood meaning, in the realm of computing and communications systems, it could be interpreted…
When AI systems are granted the agency to take impactful actions in the real world, there is an inherent risk that these systems behave in ways that are harmful. Typically, humans specify constraints on the AI system to prevent harmful…
We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then…
The sensitivity properties of intermittent control are analysed and the conditions for a limit cycle derived theoretically and verified by simulation.
This paper introduces the concept of accessibility from the field of transportation planning and adopts it within the context of Information Retrieval (IR). An analogy is drawn between the fields, which motivates the development of document…
Workflows and role-based access control models need to be suitably merged, in order to allow users to perform processes in a correct way, according to the given data access policies and the temporal constraints. Given a mapping between…
Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…
In this paper, we introduce a set of tools for providing user-friendly explanations in an explanation-based constraint programming system. The idea is to represent the constraints of a problem as an hierarchy (a tree). Users are then…
Runtime enforcement can be effectively used to improve the reliability of software applications. However, it often requires the definition of ad hoc policies and enforcement strategies, which might be expensive to identify and implement.…
Oversight and control, which we collectively call supervision, are often discussed as ways to ensure that AI systems are accountable, reliable, and able to fulfill governance and management requirements. However, the requirements for "human…
The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are…
Software systems are increasingly making decisions on behalf of humans, raising concerns about the fairness of such decisions. Such concerns are usually attributed to flaws in algorithmic design or biased data, but we argue that they are…
Distributed implementations of access control abound in distributed storage protocols. While such implementations are often accompanied by informal justifications of their correctness, our formal analysis reveals that their correctness can…
When developing autonomous systems, engineers and other stakeholders make great effort to prepare the system for all foreseeable events and conditions. However, these systems are still bound to encounter events and conditions that were not…
This article provides an introduction to event-triggered coordination for multi-agent average consensus. We provide a comprehensive account of the motivations behind the use of event-triggered strategies for consensus, the methods for…
Data protection regulations give individuals rights to obtain the information that entities have on them. However, providing such information can also reveal aspects of the underlying technical infrastructure and organisational processes.…
Event-B provides a flexible framework for stepwise system development via refinement. The framework supports steps for (a) refining events (one-by-one), (b) splitting events (one-by-many), and (c) introducing new events. In each of the…
Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…