Sciweavers

DBSEC
2010
128views Database» more  DBSEC 2010»
13 years 11 months ago
On the Identification of Property Based Generalizations in Microdata Anonymization
Abstract. Majority of the search algorithms in microdata anonymization restrict themselves to a single privacy property and a single criteria to optimize. The solutions obtained ar...
Rinku Dewri, Indrajit Ray, Indrakshi Ray, Darrell ...
DBSEC
2010
113views Database» more  DBSEC 2010»
13 years 11 months ago
A Logic of Privacy
Abstract. We consider the problem of developing an abstract metamodel of access control in terms of which policies for protecting a principal's private information may be spec...
Steve Barker, Valerio Genovese
DBSEC
2010
123views Database» more  DBSEC 2010»
13 years 11 months ago
Evaluating the Risk of Adopting RBAC Roles
We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making...
Alessandro Colantonio, Roberto Di Pietro, Alberto ...
DBSEC
2009
122views Database» more  DBSEC 2009»
14 years 16 days ago
An Approach to Security Policy Configuration Using Semantic Threat Graphs
Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding a...
Simon N. Foley, William M. Fitzgerald
DBSEC
2009
124views Database» more  DBSEC 2009»
14 years 16 days ago
Towards System Integrity Protection with Graph-Based Policy Analysis
Abstract. Identifying and protecting the trusted computing base (TCB) of a system is an important task, which is typically performed by designing and enforcing a system security po...
Wenjuan Xu, Xinwen Zhang, Gail-Joon Ahn
DBSEC
2009
112views Database» more  DBSEC 2009»
14 years 16 days ago
Distributed Anonymization: Achieving Privacy for Both Data Subjects and Data Providers
There is an increasing need for sharing data repositories containing personal information across multiple distributed and private databases. However, such data sharing is subject t...
Pawel Jurczyk, Li Xiong
DBSEC
2009
130views Database» more  DBSEC 2009»
14 years 16 days ago
Implementing Reflective Access Control in SQL
Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control ...
Lars E. Olson, Carl A. Gunter, William R. Cook, Ma...
DBSEC
2009
110views Database» more  DBSEC 2009»
14 years 16 days ago
Distributed Privilege Enforcement in PACS
Abstract. We present a new access control mechanism for P2P networks with distributed enforcement, called P2P Access Control System (PACS). PACS enforces powerful access control mo...
Christoph Sturm, Ela Hunt, Marc H. Scholl
DBSEC
2009
110views Database» more  DBSEC 2009»
14 years 16 days ago
Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients
Existing approaches for protecting sensitive information stored (outsourced) at external "honest-but-curious" servers are typically based on an overlying layer of encrypt...
Valentina Ciriani, Sabrina De Capitani di Vimercat...
DBSEC
2009
163views Database» more  DBSEC 2009»
14 years 16 days ago
A Trust-Based Access Control Model for Pervasive Computing Applications
With the rapid growth in wireless networks and sensor and mobile devices, we are moving towards an era of pervasive computing. Access control is challenging in these environments. ...
Manachai Toahchoodee, Ramadan Abdunabi, Indrakshi ...