中文
相关论文

相关论文: Security Policy Specification Using a Graphical Ap…

200 篇论文

Policies are designed to distinguish between correct and incorrect actions; they are types. But badly typed actions may cause not compile errors, but financial and reputational harm We demonstrate how even the most complex ABAC policies can…

密码学与安全 · 计算机科学 2025-06-03 Matthew D. Fuchs

In this paper we present the core of LoCo, a logic-based high-level representation language for expressing configuration problems. LoCo shall allow to model these problems in an intuitive and declarative way, the dynamic aspects of…

计算机科学中的逻辑 · 计算机科学 2011-09-02 Markus Aschinger , Conrad Drescher , Georg Gottlob

As networks expand in size and complexity, they pose greater administrative and management challenges. Software Defined Networks (SDN) offer a promising approach to meeting some of these challenges. In this paper, we propose a policy driven…

密码学与安全 · 计算机科学 2018-06-07 Vijay Varadharajan , Kallol Karmakar , Uday Tupakula , Michael Hitchens

Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and analyzable. Rather than embed authorization logic in an application's code, developers can write that logic as Cedar policies and delegate access…

The object-capability model is a security measure that consists in encoding access rights in individual objects to restrict its interactions with other objects. Since its introduction in 2013, different approaches to object-capability have…

软件工程 · 计算机科学 2019-07-19 Jörn Koepe

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

密码学与安全 · 计算机科学 2012-02-14 Mário S. Alvim

Reasoning about security properties involves reasoning about where the information of a system is located, and how it evolves over time. While most security analysis techniques need to cope with some notions of information locality and…

计算机科学中的逻辑 · 计算机科学 2011-03-01 Bernardo Toninho , Luís Caires

Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…

密码学与安全 · 计算机科学 2016-12-20 Pierre Bergé , Jason Crampton , Gregory Gutin , Rémi Watrigant

The stack-based access control mechanism plays a fundamental role in the security architecture of Java and Microsoft CLR (common language runtime). It is enforced at runtime by inspecting methods in the current call stack for granted…

密码学与安全 · 计算机科学 2013-10-15 Xin Li , Hua Vy Le Thanh

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

A workflow specification defines a set of steps and the order in which those steps must be executed. Security requirements and business rules may impose constraints on which users are permitted to perform those steps. A workflow…

数据结构与算法 · 计算机科学 2013-03-14 Jason Crampton , Gregory Gutin

Program obfuscation is a widely employed approach for software intellectual property protection. However, general obfuscation methods (e.g., lexical obfuscation, control obfuscation) implemented in mainstream obfuscation tools are heuristic…

密码学与安全 · 计算机科学 2017-10-04 Hui Xu , Yangfan Zhou , Yu Kang , Michael R. Lyu

As more business activities are being automated and an increasing number of computers are being used to store vital and sensitive information the need for secure computer systems becomes more apparent. These systems can be achieved only…

计算机与社会 · 计算机科学 2009-09-25 Shireesh Reddy Annam

Conventional approaches for ensuring the security of application software at run-time, through monitoring, either produce (high rates of) false alarms (e.g. intrusion detection systems) or limit application performance (e.g. run-time…

密码学与安全 · 计算机科学 2016-01-19 Muhammad Taimoor Khan , Dimitrios Serpanos , Howard Shrobe

We provide a protection system making use of encapsulation, messages communication, interface functions coming from an object oriented model described in previous works. Each user represents himself to the system by the mean of his "USER"…

编程语言 · 计算机科学 2020-07-27 Joël Colloc

Access control is the enforcement of the authorization policy, which defines subjects, resources, and access rights. Graph-structured data requires advanced, flexible, and fine-grained access control due to its complex structure as…

密码学与安全 · 计算机科学 2024-06-03 Aya Mohamed , Dagmar Auer , Daniel Hofer , Josef Kueng

Confidentiality, integrity, availability, authenticity, authorization, and accountability are known as security properties that secure systems should preserve. They are usually considered as security final goals that are achieved by system…

软件工程 · 计算机科学 2025-05-21 Imen Sayar , Nan Messe , Sophie Ebersold , Jean-Michel Bruel

Cybersecurity demands rigorous and scalable techniques to ensure system correctness, robustness, and resilience against evolving threats. Automated reasoning, encompassing formal logic, theorem proving, model checking, and symbolic…

密码学与安全 · 计算机科学 2025-05-14 Sarah Veronica

Administrator-centered access control failures can cause data breaches, putting organizations at risk of financial loss and reputation damage. Existing graphical policy configuration tools and automated policy generation frameworks attempt…

密码学与安全 · 计算机科学 2023-10-06 Sakuna Harinda Jayasundara , Nalin Asanka Gamagedara Arachchilage , Giovanni Russello

We present SAFE, an integrated system for managing trust using a logic-based declarative language. Logical trust systems authorize each request by constructing a proof from a context---a set of authenticated logic statements representing…

密码学与安全 · 计算机科学 2015-10-19 Vamsi Thummala , Jeff Chase