بحث بسيط
السجلات المعروضة 2471 -- 2480 من 2578
Managing Security Control Assumptions Using Causal Traceability
(
Institute of Electrical and Electronics Engineers Inc.
, 2015 , Conference Paper)
Security control specifications of software systems are designed to meet their security requirements. It is difficult to know both the value of assets and the malicious intention of attackers at design time, hence assumptions ...
Constraint-enhanced role engineering via answer set programming
(
Association for Computing Machinery
, 2012 , Conference Paper)
Role engineering (RE) aims to develop and maintain appropriate role-based access control (RBAC) configurations. However, RE with constraints in place is not well-studied. Constraints usually describe organizations' security ...
Compliance checking for usage-constrained credentials in trust negotiation systems
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
We propose an approach to placing usage-constraints on RT credentials; issuers specify constraints by designing non-deterministic finite automata. We show by examples that this approach can express constraints of practical ...
Traceability for adaptive information security in the cloud
(
IEEE Computer Society
, 2014 , Conference Paper)
One of the key challenges in cloud computing is the security of the consumer data stored and processed by cloud machines. When the usage context of a cloud application changes, or when the context is unknown, there is a ...
Profile-based security assurances for service software
(
Springer Verlag
, 2011 , Conference Paper)
In service software, it is highly desirable to have a service composition mechanism that supports automatic reasoning about the security assurances of services. Service consumers such as human, machine, even application ...
Cloud computing without seeing
(
Association for Computing Machinery
, 2011 , Conference Paper)
In the emerging cloud computing model, security is of paramount concern. This paper discusses the need for practical techniques that enable private outsourcing on the cloud by allowing the service provider to work on ...
Automatic verification of health regulatory compliance in cloud computing
(
IEEE
, 2013 , Conference Paper)
This paper aims to develop an approach that enables cloud computing clients to verify health regulatory compliance claimed by cloud computing providers. In this approach, clients of cloud computing could check automatically ...
Social access control language (SocACL)
(
Association for Computing Machinery
, 2013 , Conference Paper)
Online Social Networks hold vast amounts of readily accessible personal information leaving them particularly vulnerable to privacy breach attacks [6]. With the impact these breaches varying from simply embarrassing the ...
Tracking and constraining authorization provenance
(
Springer Berlin Heidelberg
, 2012 , Conference Paper)
Authorization provenance concerns how an authorization is derived. It appears important to define authorization provenance to (1) analyze policy bases, (2) defend against a class of attacks, and (3) audit authorizations. ...
A Process Model for Customisation of Software in Multi-tenant SaaS Model
(
Institute of Electrical and Electronics Engineers Inc.
, 2015 , Conference Paper)
This paper outlines a generic process framework for customisation of software in cloud computing. The flexibility for client-specific customisation of the software offered by software-as-a-service (SaaS) is limited. The ...