中文
相关论文

相关论文: Specifying and Implementing Security Policies Usin…

200 篇论文

A security policy states the acceptable actions of an information system, as the actions bear on security. There is a pressing need for organizations to declare their security policies, even informal statements would be better than the…

密码学与安全 · 计算机科学 2007-05-23 James A. Hoagland , Raju Pandey , Karl N. Levitt

Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,…

软件工程 · 计算机科学 2017-01-02 Andrea Margheri , Massimiliano Masi , Rosario Pugliese , Francesco Tiezzi

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

软件工程 · 计算机科学 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

In this report, we aim at establishing proper ways for model checking the global security of distributed systems, which are designed consisting of set of localised security policies that enforce specific issues about the security expected.…

密码学与安全 · 计算机科学 2012-05-30 Alejandro Mario Hernandez

LLM generated code often contains security issues. We address two key challenges in improving secure code generation. First, obtaining high quality training data covering a broad set of security issues is critical. To address this, we…

密码学与安全 · 计算机科学 2025-09-11 Mohammad Saqib Hasan , Saikat Chakraborty , Santu Karmaker , Niranjan Balasubramanian

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

密码学与安全 · 计算机科学 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

This paper introduces a run-time mechanism for preventing leakage of secure information in distributed systems. We consider a general concurrency language model, where concurrent objects interact by asynchronous method calls and futures.…

编程语言 · 计算机科学 2020-02-26 Farzane Karami , Olaf Owe , Gerardo Schneider

Large language models (LLMs) are increasingly applied in fields such as finance, education, and governance due to their ability to generate human-like text and adapt to specialized tasks. However, their widespread adoption raises critical…

密码学与安全 · 计算机科学 2025-05-26 Yu Wang , Cailing Cai , Zhihua Xiao , Peifung E. Lam

Security-Enhanced Linux (SELinux) is a robust security mechanism that enforces mandatory access controls (MAC), but its policy language's complexity creates challenges for policy analysis and management. This research investigates the…

机器学习 · 计算机科学 2025-01-08 Krish Jain , Joann Sum , Pranav Kapoor , Amir Eaman

We propose in this paper the Security Policy Language (SePL), which is a formal language for capturing and integrating distributed security policies. The syntax of SePL includes several operators for the integration of policies and it is…

密码学与安全 · 计算机科学 2020-05-12 Mohamed Mejri , Hamdi Yahyaoui

For security and privacy management and enforcement purposes, various policy languages have been presented. We give an overview on 27 security and privacy policy languages and present a categorization framework for policy languages. We show…

密码学与安全 · 计算机科学 2015-12-02 Saffija Kasem-Madani , Michael Meier

We propose LAGO - Language Similarity-Aware Graph Optimization - a novel approach for few-shot cross-lingual embedding inversion attacks, addressing critical privacy vulnerabilities in multilingual NLP systems. Unlike prior work in…

计算与语言 · 计算机科学 2025-05-23 Wenrui Yu , Yiyi Chen , Johannes Bjerva , Sokol Kosta , Qiongxiu Li

Modern software systems rely on mining insights from business sensitive data stored in public clouds. A data breach usually incurs significant (monetary) loss for a commercial organization. Conceptually, cloud security heavily relies on…

密码学与安全 · 计算机科学 2022-06-14 Mikhail Kazdagli , Mohit Tiwari , Akshat Kumar

A common requirement in policy specification languages is the ability to map policies to the underlying network devices. Doing so, in a provably correct way, is important in a security policy context, so administrators can be confident of…

密码学与安全 · 计算机科学 2016-05-31 Dinesha Ranathunga , Matthew Roughan , Phil Kernick , Nick Falkner

The enforcement of security policies in outsourced environments is still an open challenge for policy-based systems. On the one hand, taking the appropriate security decision requires access to the policies. However, if such access is…

密码学与安全 · 计算机科学 2013-06-21 Muhammad Rizwan Asghar , Mihaela Ion , Giovanni Russello , Bruno Crispo

Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex…

密码学与安全 · 计算机科学 2011-11-28 Jason Crampton , Charles Morisset

The stack-based access control mechanism plays a fundamental role in the security architecture of Java and Microsoft CLR (common language runtime). It is enforced at runtime by inspecting methods in the current call stack for granted…

密码学与安全 · 计算机科学 2013-10-15 Xin Li , Hua Vy Le Thanh

In this paper we present the core of LoCo, a logic-based high-level representation language for expressing configuration problems. LoCo shall allow to model these problems in an intuitive and declarative way, the dynamic aspects of…

计算机科学中的逻辑 · 计算机科学 2011-09-02 Markus Aschinger , Conrad Drescher , Georg Gottlob

The FAdo system is a symbolic manipulator of formal languages objects, implemented in Python. In this work, we extend its capabilities by implementing methods to manipulate transducers and we go one level higher than existing formal…

形式语言与自动机理论 · 计算机科学 2016-08-02 Stavros Konstantinidis , Casey Meijer , Nelma Moreira , Rogério Reis

Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform…

密码学与安全 · 计算机科学 2025-01-14 Cataldo Basile , Gabriele Gatti , Francesco Settanni
‹ 上一页 1 2 3 10 下一页 ›