中文
相关论文

相关论文: Security Policy Specification Using a Graphical Ap…

200 篇论文

With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies within security policies become harder and more relevant. We have…

计算机科学中的逻辑 · 计算机科学 2007-05-23 Carlos Ribeiro , Andre Zuquete , Paulo Ferreira , Paulo Guedes

Traditional database access control mechanisms use role based methods, with generally row based and attribute based constraints for granularity, and privacy is achieved mainly by using views. However if only a set of views according to…

数据库 · 计算机科学 2014-07-18 Ugur Turan , Ismail Hakki Toroslu

Organizational cybersecurity policies are often examined to determine whether they adequately comply standard security controls. This task is difficult because control statements are abstract, whereas policy documents describe governance…

密码学与安全 · 计算机科学 2026-05-11 Bikash Saha , Sandeep Kumar Shukla

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the…

软件工程 · 计算机科学 2014-09-12 Asad Ali , Maribel Fernández

Cross-border access to a variety of data such as market information, strategic information, or customer-related information defines the daily business of many global companies, including financial institutions. These companies are obliged…

密码学与安全 · 计算机科学 2010-06-24 Michael Stieghahn , Thomas Engel

Information security isn't just about software and hardware -- it's at least as much about policies and processes. But the research community overwhelmingly focuses on the former over the latter, while gaping policy and process problems…

密码学与安全 · 计算机科学 2024-03-25 Arvind Narayanan , Kevin Lee

The escalating complexity of modern software development environments has heightened concerns around supply chain security. However, existing frameworks often fall short in translating abstract security principles into concrete, actionable…

软件工程 · 计算机科学 2025-06-16 Sung Une Lee , Liming Dong , Zhenchang Xing , Muhammad Ejaz Ahmed , Stefan Avgoustakis

We propose a method to optimise the parameters of a policy which will be used to safely perform a given task in a data-efficient manner. We train a Gaussian process model to capture the system dynamics, based on the PILCO framework. Our…

机器学习 · 统计学 2019-12-03 Kyriakos Polymenakos , Alessandro Abate , Stephen Roberts

We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally…

密码学与安全 · 计算机科学 2009-05-12 Stere Preda , Nora Cuppens-Boulahia , Frederic Cuppens , Joaquin Garcia-Alfaro , Laurent Toutain

We demonstrate, by a number of examples, that information-flow security properties can be proved from abstract architectural descriptions, that describe only the causal structure of a system and local properties of trusted components. We…

密码学与安全 · 计算机科学 2016-01-05 Stephen Chong , Ron van der Meyden

System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. Alongside…

密码学与安全 · 计算机科学 2022-08-04 Ankur Shukla , Basel Katt , Livinus Obiora Nweke , Prosper Kandabongee Yeng , Goitom Kahsay Weldehawaryat

Authentication systems are designed to give the right person access to an organization's information system and to restrict it from the wrong person. Such systems are designed by IT professionals to protect an organization's assets (e.g.,…

密码学与安全 · 计算机科学 2015-09-04 Christopher S. Pilson , James C. McElroy

We present a small, formal language for specifying the behavior of simple console I/O programs. The design is driven by the concrete application case of testing interactive Haskell programs written by students. Specifications are…

编程语言 · 计算机科学 2025-06-27 Oliver Westphal , Janis Voigtländer

The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are…

计算机科学中的逻辑 · 计算机科学 2012-06-15 Michele Barletta , Silvio Ranise , Luca Viganò

Ensuring compliance of organizations to federal regulations is a growing concern. This paper presents a framework and methods to verify whether an implemented low-level security policy is compliant to a high-level security policy. Our…

密码学与安全 · 计算机科学 2008-10-01 Vaibhav Gowadia , Csilla Farkas , Michiharu Kudo

We introduce a framework for reasoning about the security of computer systems using modal logic. This framework is sufficiently expressive to capture a variety of known security properties, while also being intuitive and independent of…

密码学与安全 · 计算机科学 2023-09-19 Matvey Soloviev , Musard Balliu , Roberto Guanciale

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

密码学与安全 · 计算机科学 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Formal patterns are formally specified solutions to frequently occurring distributed system problems that are generic, executable, and come with strong qualitative and/or quantitative formal guarantees. A formal pattern is a generic system…

密码学与安全 · 计算机科学 2026-03-23 Víctor García , Santaigo Escobar , Catherine Meadows , Jose Meseguer

Security protocols stipulate how the remote principals of a computer network should interact in order to obtain specific security goals. The crucial goals of confidentiality and authentication may be achieved in various forms, each of…

密码学与安全 · 计算机科学 2018-02-27 Giampaolo Bella , Stefano Bistarelli

This paper introduces language-based agent control (LBAC), a new programming model for agentic applications that brings techniques from programming languages and language-based security to the problem of agent control. In conventional…

编程语言 · 计算机科学 2026-05-14 Timothy Zhou , Loris D'Antoni , Nadia Polikarpova