Sciweavers

PVLDB
2010
111views more  PVLDB 2010»
13 years 5 months ago
PolicyReplay: Misconfiguration-Response Queries for Data Breach Reporting
Recent legislation has increased the requirements of organizations to report data breaches, or unauthorized access to data. While access control policies are used to restrict acce...
Daniel Fabbri, Kristen LeFevre, Qiang Zhu
IJCMAM
2010
160views more  IJCMAM 2010»
13 years 8 months ago
Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records
Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an...
Luan Ibraimi, Qiang Tang, Pieter H. Hartel, Willem...
ICDIM
2010
IEEE
13 years 8 months ago
Detecting incompleteness in access control policies using data classification schemes
In a set of access control policies, incompleteness is the existence of situations for which no policy applies. Some of these situations can be exploited by attackers, to obtain un...
Riaz Ahmed Shaikh, Kamel Adi, Luigi Logrippo, Serg...
PPDP
2010
Springer
13 years 8 months ago
Rewrite-based verification of XML updates
We propose a model for XML update primitives of the W3C XQuery Update Facility as parameterized rewriting rules of the form: "insert an unranked tree from a regular tree lang...
Florent Jacquemard, Michaël Rusinowitch
ICICS
2010
Springer
13 years 8 months ago
Fine-Grained Disclosure of Access Policies
Abstract. In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (cert...
Claudio Agostino Ardagna, Sabrina De Capitani di V...
COMPSAC
2010
IEEE
13 years 8 months ago
Representing and Reasoning about Web Access Control Policies
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effect...
Gail-Joon Ahn, Hongxin Hu, Joohyung Lee, Yunsong M...
PVLDB
2008
132views more  PVLDB 2008»
13 years 10 months ago
Access control over uncertain data
Access control is the problem of regulating access to secret information based on certain context information. In traditional applications, context information is known exactly, p...
Vibhor Rastogi, Dan Suciu, Evan Welbourne
TDSC
2008
152views more  TDSC 2008»
13 years 10 months ago
Towards Formal Verification of Role-Based Access Control Policies
Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current s...
Somesh Jha, Ninghui Li, Mahesh V. Tripunitara, Qih...
STTT
2008
134views more  STTT 2008»
13 years 10 months ago
Automated verification of access control policies using a SAT solver
Abstract. Managing access control policies in modern computer systems can be challenging and error-prone. Combining multiple disparate access policies can introduce unintended cons...
Graham Hughes, Tevfik Bultan
JHSN
2006
267views more  JHSN 2006»
13 years 10 months ago
Client-side access control enforcement using trusted computing and PEI models
It has been recognized for some time that software alone does not provide an adequate foundation for building a high-assurance trusted platform. The emergence of industry-standard ...
Ravi S. Sandhu, Xinwen Zhang, Kumar Ranganathan, M...