We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access contro...
Alexander Pretschner, Tejeddine Mouelhi, Yves Le T...
Current intrusion detection systems work in isolation from access control for the application the systems aim to protect. The lack of coordination and inter-operation between thes...
Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim, L...
View-based access control enables content-based and context-based security, as opposed to container-based security provided in operating systems. However, view-based access contro...
This paper proposes a security analysis framework for dynamic web applications. A reverse engineering process is performed over a dynamic web application to extract a rolebased ac...
Managing privacy of online content is difficult. We present a simple social access control where sharers specify test questions of shared knowledge, such as "what is our scho...
Michael Toomim, Xianhang Zhang, James Fogarty, Nat...