中文
相关论文

相关论文: Specifying and Implementing Security Policies Usin…

200 篇论文

As networks expand in size and complexity, they pose greater administrative and management challenges. Software Defined Networks (SDN) offer a promising approach to meeting some of these challenges. In this paper, we propose a policy driven…

密码学与安全 · 计算机科学 2018-06-07 Vijay Varadharajan , Kallol Karmakar , Uday Tupakula , Michael Hitchens

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the…

软件工程 · 计算机科学 2014-09-12 Asad Ali , Maribel Fernández

We propose a method to optimise the parameters of a policy which will be used to safely perform a given task in a data-efficient manner. We train a Gaussian process model to capture the system dynamics, based on the PILCO framework. Our…

机器学习 · 统计学 2019-12-03 Kyriakos Polymenakos , Alessandro Abate , Stephen Roberts

The reliance of Large Language Models and Internet of Things systems on massive, globally distributed data flows creates systemic security and privacy challenges. When data traverses borders, it becomes subject to conflicting legal regimes,…

密码学与安全 · 计算机科学 2026-01-13 Chalitha Handapangoda

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

密码学与安全 · 计算机科学 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

This paper introduces language-based agent control (LBAC), a new programming model for agentic applications that brings techniques from programming languages and language-based security to the problem of agent control. In conventional…

编程语言 · 计算机科学 2026-05-14 Timothy Zhou , Loris D'Antoni , Nadia Polikarpova

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

编程语言 · 计算机科学 2019-01-09 Ana Almeida Matos , Jan Cederquist

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph. A portfolio is a set of counter-measures, or controls, against vulnerabilities adopted for a computer system,…

密码学与安全 · 计算机科学 2022-04-26 Przemysław Buczkowski , Pasquale Malacaria , Chris Hankin , Andrew Fielder

Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity…

密码学与安全 · 计算机科学 2013-03-19 James Alderman , Jason Crampton

Writing a platform for reactive applications which enforces operational constraints is difficult, and has been approached in various ways. In this experience report, we detail an approach using an embedded DSL which can be used to specify…

软件工程 · 计算机科学 2015-04-09 Paul van der Walt

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…

密码学与安全 · 计算机科学 2017-06-13 Peter Amthor

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

编程语言 · 计算机科学 2015-07-01 Aslan Askarov , Andrew Myers

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

密码学与安全 · 计算机科学 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

We design a graph-based framework for the visualisation and analysis of obligations in access control policies. We consider obligation policies in CBACO, the category-based access control model, which has been shown to subsume many of the…

计算机科学中的逻辑 · 计算机科学 2021-11-02 Sandra Alves , Jorge Iglésias

Large Language Models (LLMs) are increasingly acting as autonomous agents, but their continuous interaction with the environment can lead to in-context reward hacking (ICRH), a phenomenon where LLMs iteratively optimize their behavior to…

计算与语言 · 计算机科学 2026-05-28 Jiayong Wan , Jiawei Chen , Zhaoxia Yin , Liu Shuyuan , Hang Su

Intensional sets are sets given by a property rather than by enumerating their elements. In previous work, we have proposed a decision procedure for a first-order logic language which provides Restricted Intensional Sets (RIS), i.e., a…

编程语言 · 计算机科学 2020-08-03 Maximiliano Cristiá , Andrea Fois , Gianfranco Rossi

A major challenge to deploying cyber-physical systems with learning-enabled controllers is to ensure their safety, especially in the face of changing environments that necessitate runtime knowledge acquisition. Model-checking and automated…

编程语言 · 计算机科学 2025-02-27 Yao Feng , Jun Zhu , André Platzer , Jonathan Laurent

Users increasingly create, manage and share digital resources, including sensitive data, via cloud platforms and APIs. Platforms encode the rules governing access to these resources, referred to as \textit{security policies}, using…

密码学与安全 · 计算机科学 2023-07-13 Joe Stubbs , Smruti Padhy , Richard Cardone , Steven Black

Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…

密码学与安全 · 计算机科学 2016-12-20 Pierre Bergé , Jason Crampton , Gregory Gutin , Rémi Watrigant

Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and analyzable. Rather than embed authorization logic in an application's code, developers can write that logic as Cedar policies and delegate access…