This paper motivates the fundamental importance of application context for security. It then gives an overview of the PEI framework for application-centric security and outlines s...
The paper describes the design and implementation of a security architecture for a Cooperative Information System implemented with CORBA technologies. We first define a role-based...
This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflo...
Charles N. Payne, D. J. Thomsen, J. Bogle, Richard...
With Hidden Credentials Alice can send policyencrypted data to Bob in such a way that he can decrypt the data only with the right combination of credentials. Alice gains no knowle...
We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim’s browser malicious Javascrip...
Chris Karlof, Umesh Shankar, J. Doug Tygar, David ...