One of the most important features of XML-based Web services is that they can be easily accessed over the Internet, but this makes them vulnerable to a series of security threats. What makes security for web services so challenging is their distributed and heterogeneous nature. Access control policy specification for controlling access to Web services is then becoming an emergent research area ...

Privacy technologies are becoming more relevant, because individual privacy is at risk in the Global Information Society. In this paper, an updated version of a formal task-based privacy-model which can be used to technically enforce legal privacy requirements is presented. It is shown, how the privacy policy has been specified and implemented according to the Generalized Framework for Access C...

Communications regulators over the next decade will spend increasing time on conflicts between the interests of broadband providers and the public’s interest in competitive innovation environment on the internet. As the policy questions this conflict raises are basic to communications policy, they are likely to appear in many different forms. So far, the first major appearance has come in the “...

Decentralized online social networks (DOSNs) have adopted quite coarse-grained policies for sharing messages with friends of friends (i.e., resharing). They either forbid it completely or allow resharing of messages only without any possibility to constrain their subsequent distribution. In this article, we present a novel enforcement mechanism for securing resharing in DOSNs by relationship-ba...

An important issue in mobile computing systems is the administration of locationbased access control policies, particularly the mechanism for specification and enforcement of spatial constraints. Simplifying the administration of such policies requires a mechanism that supports both an intuitive and scalable spatial constraint specification and a flexible enforcement architecture. In this paper...

The XACML standard defines an XML based language for defining access control policies and a related processing model. Recent work aims to add delegation to XACML in order to express the right to administrate XACML policies within XACML itself. The delegation profile draft explains how to validate the right to issue a policy, but there are no provisions for removing a policy. This paper proposes...

Security and privacy have emerged as important issues owing to the proliferation of social networking site. Sharing and distribution of relationship-based information on social network sites can have a serious impact on an individual’s activity; moreover, it can exert a negative influence on the overall information society. To solve security and privacy issues of social networking, we introduce...

Role-based access control (RBAC) is a powerful means for laying out and developing higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated a great interest in the security community, organizations stil...

A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...

This paper argues that Haigh and Young’s definition of noninterference for intransitive security policies admits information flows that are not in accordance with the intuitions it seeks to formalise. Several alternative definitions are discussed, which are shown to be equivalent to the classical definition of noninterference with respect to transitive policies. Rushby’s unwinding conditions fo...