Search results for "Access control"

showing 10 items of 79 documents

Enforcing mobile security with location-aware role-based access control

2013

This paper describes how location-aware role-based access control (RBAC) can be implemented on top of the Geospatial eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locations, which facilitates easy deployment of authorisation profiles to the mobile device. Location-aware RBAC can be used to implement location-dependent access control and also other security enhancing solutions on mobile devices, such as location-dependent device locking, firewall, intrusion prevention or payment…

Keywords: Markup language; Geospatial analysis; Computer Networks and Communications; Computer science; Separation of duties; business.industry; XACML; 020206 networking & telecommunications; Access control; 02 engineering and technology; Computer security; computer.software_genre; Firewall (construction); 020204 information systems; 0202 electrical engineering electronic engineering information engineering; Role-based access control; business; Mobile device; computer; Information Systems; computer.programming_language; Computer network
Published in: Security and Communication Networks

A Scratch-based Graphical Policy Editor for XACML

2015

This paper proposes a policy-maker-friendly editor for the extensible Access Control Markup Language (XACML) based on the programming language Scratch. Scratch is a blocks-based programming language designed for teaching children programming, which allows users to build programs like a puzzle. We take this concept one step further with an XACML policy editor based on the graphic programming elements of Scratch implemented in Smalltalk. This allows for aiding the user on how to build policies by grouping blocks and operators that fit together and also indicating which blocks will stick together. It simplifies building the XACML policies while still having an XACML “feel” of the graphic …

Keywords: Markup language; business.industry; computer.internet_protocol; Computer science; Programming language; Authorization; XACML; Access control; computer.software_genre; Scratch; business; computer; Smalltalk; XML; computer.programming_language
Published in: Proceedings of the 1st International Conference on Information Systems Security and Privacy

A space-division time-division multiple access scheme for high throughput provisioning in WLANs

2005

Directional antennas may dramatically increase the capacity of a Wireless LAN by allowing several stations to simultaneously communicate. Since deployment of directive/smart antennas on the customer's terminals is awkward (for technological, cost, robustness, and convenience reasons) it is of interest to deploy advanced antenna solutions only at the Access Point. When omnidirectional transmissions are used at the Mobile Stations, the asynchronous nature of the 802.11 MAC handshake structurally limits the possibility to exploit spatial reuse. Significant throughput enhancements can be achieved only at the expense of redesigning (part of) the 802.11 MAC protocol: mainly a form of synchronizat…

Keywords: Mobile radio; Directional antenna; Computer science; business.industry; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Time division multiple access; Smart antenna; Medium access control; Throughput; Space-division multiple access; Interference (wave propagation); Backward compatibility; Asynchronous communication; Wireless LAN; directional antenna; Directive antennas; business; Omnidirectional antenna; Computer network

A MAS Security Framework Implementing Reputation Based Policies and Owners Access Control

2006

Multi-agent systems expose users to risks related to lack of knowledge about interacting users. Such systems should provide tools to protect their own resources from illegal accesses by unauthorized users. This paper describes a security framework for Multi-agent systems preventing a trusted agent from interacting with malicious agents and granting agent and platform resources. This feature is obtained by adding an access control mechanism that joins the benefits of Credential Based Access Control, Role Based Access Control and Mandatory Access Control. Authorizations and access control policies are set by XML-based policy files. A case study on a distributed document retrieval system is also illus…

Keywords: National security; Computer access control; business.industry; Computer science; Multi-agent system; Authorization; Data security; Access control; Computer security; computer.software_genre; Credential; Mandatory access control; Discretionary access control; Role-based access control; business; computer

Towards Modelling Information Security with Key-Challenge Petri Nets

2009

Our global information society is based on distributed wide-area networks. Network security consists of the provisions made in an underlying computer network infrastructure, policies adopted by the network administrator to protect the network-accessible resources from unauthorized access, as well as continuous monitoring and measurement of the network security's effectiveness. In this paper, we describe the use of Petri nets in modelling network security. We propose a new hierarchical method for modelling network attacks and evaluating effectiveness of the corresponding defences. Our model is called Key-Challenge Petri Net (KCPN).

Keywords: Network administrator; Network security; business.industry; Computer science; Distributed computing; Information security; Process architecture; Computer security model; Petri net; Computer security; computer.software_genre; Security service; Network Access Control; business; computer

Mobile agents principles of operation

2004

Publisher Summary: This chapter discusses the mobile agent technology and summarizes their features, principles of operation and implementation elements. Some development tools are also discussed. The chapter provides general description of mobile agents as an advanced software paradigm, which extends object oriented programming. Then it discusses principles of operation starting from agent intelligent behavior and continuing with mobility, communication, coordination, and fault tolerance. Finally, as for related topics, monitoring, performances, and security issues are discussed in the chapter. Agent monitoring techniques are very useful because they allow users to know which agents are run…

Keywords: Object-oriented programming; Computer science; business.industry; Access control; Fault tolerance; Encryption; Internet security; Communications security; Computer security; computer.software_genre; Software; Mobile agent; business; Host (network); computer

Decentralized Lightweight Group Key Management for Dynamic Access Control in IoT Environments

2020

Rapid growth of Internet of Things (IoT) devices dealing with sensitive data has led to the emergence of new access control technologies in order to maintain this data safe from unauthorized use. In particular, a dynamic IoT environment, characterized by a high signaling overhead caused by subscribers' mobility, presents a significant concern to ensure secure data distribution to legitimate subscribers. Hence, for such dynamic environments, group key management (GKM) represents the fundamental mechanism for managing the dissemination of keys for access control and secure data distribution. However, existing access control schemes based on GKM and dedicated to IoT are mainly based on ce…

Keywords: PROTOCOLS; CRYPTOGRAPHY; Computer Networks and Communications; Computer science; GROUP COMMUNICATION; Key distribution; Core network; COMPUTER NETWORK; Access control; 02 engineering and technology; SCALABILITY; WIRELESS TECHNOLOGY; [SPI]Engineering Sciences [physics]; [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; TELECOMMUNICATION; Forward secrecy; 0202 electrical engineering electronic engineering information engineering; Rekeying; INTERNET OF THINGS; Electrical and Electronic Engineering; INTERNET; DYNAMIC ENVIRONMENT; SECURITY; IOT; DATA PROCESSING; business.industry; Key distribution center; 020206 networking & telecommunications; WIRELESS SENSOR NETWORKS; TELECOMMUNICATIONS NETWORK; GROUP KEY MANAGEMENT; COMPUTER SCIENCE; Communication in small groups; Scalability; CLIENT-SERVER ARCHITECTURE; business; COMPUTER ARCHITECTURE; ACCESS CONTROL; Computer network

Embedded access points for trusted data and resources access in HPC systems

2010

Biometric authentication systems represent a valid alternative to the conventional username-password based approach for user authentication. However, authentication systems composed of a biometric reader, a smartcard reader, and a networked workstation which perform user authentication via software algorithms have been found to be vulnerable in two areas: firstly in their communication channels between readers and workstation (communication attacks) and secondly through their processing algorithms and/or matching results overriding (replay attacks, confidentiality and integrity threats related to the stored information of the networked workstation). In this paper, a full hardware access poi…

Keywords: Password; Authentication; Biometrics; business.industry; Computer science; Access control; Information System; Fingerprint recognition; Trusted authentication; Theoretical Computer Science; Software; Hardware and Architecture; Embedded system; Embedded biometric authentication system; Smart card; Security solutions for user authentication; business; Replay attack; Information Systems
Published in: The Journal of Supercomputing

A novel scheme for privacy preserving in RBAC

2013

Role Based Access Control (RBAC) Model has been proved to be quite useful and has drawn a lot of research interest over the last fifteen years. In this paper we discuss general context-aware RBAC model. We analyze potential privacy threats associated with use of context-aware RBAC and propose a novel scheme that provides privacy-preserving for access models based on RBAC.

Keywords: Privacy preserving; Scheme (programming language); ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; Information privacy; Software_OPERATINGSYSTEMS; Computer science; Authorization; Role-based access control; Computer security; computer.software_genre; computer; computer.programming_language
Published in: 2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS)

A TDMA-Based MAC Protocol Supporting Cooperative Communications in Wireless Mesh Networks

2011

This paper proposes a TDMA-based medium access control protocol which enables cooperative communications in multi-hop wireless mesh networks. According to the proposed scheme, each router at the two-hop neighbourhood of each other is allocated to a specific time slot for accommodating either direct or cooperative transmissions in a coordinated manner, controlled by mini-slots which are part of the time slot. Benefiting from the elaborate mini-slot design, channel resources are fairly and efficiently allocated to each router so that no handshake is needed prior to each packet transmission. By providing access priority to cooperative transmission through an optimal relay which is determined b…

Keywords: Router; Handshake; Wireless mesh network; Computer Networks and Communications; business.industry; Computer science; Network packet; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Time division multiple access; Access control; Data_CODINGANDINFORMATIONTHEORY; law.invention; Hardware and Architecture; Relay; law; business; Relay channel; Computer network
Published in: International journal of Computer Networks & Communications