The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, s...

The situation in engineering security for Web services that access databases is as follows: On the one hand, specifications like WSSecurity are concerned with the security management for Web services, while on the other hand there exist well established mechanisms for access control in the area of commercial database systems. In handling security for services that rely on database systems, two ...

There is increasing demand from both organizations and individuals for technology capable of enforcing sophisticated, context-sensitive policies, whether security and privacy policies, corporate policies or policies reflecting various regulatory requirements. In open environments, enforcing such policies requires the ability to reason about the policies themselves as well as the ability to dyna...

Access control systems are among the most critical of computer security components. Faulty policies, misconfigurations, or flaws in software implementations can result in serious vulnerabilities. To formally and precisely capture the security properties that access control should adhere to, access control models are usually written, bridging the gap in abstraction between policies and mechanism...

The rapid emergence of GPS enabled devices, sensors, and mobile equipment in commercial as well as government organizations has led to considerable research in location-based access control schemes. This paper introduces the concept of timeand location-based access control, and shows how role-based access control (RBAC) model can be extended to incorporate these parameters for granting access. ...

Identity management and access control are essential in the enterprise IT landscape in order to control access to applications and to fulfil laws or regulations. The global competition of enterprises leads to short development cycles and fast changes of IT applications, which requires also an error-free and quick adaption of its security. The modeldriven development of access control policies p...

In today’s dynamic ICT environments, the ability to control users’ access to information resources and services becomes ever important. On the one hand, it should adapt to the users’ changing needs; on the other hand, it should not be compromised. Therefore, it is essential to have a flexible specification of access control polices, incorporating dynamically changing context information. The ba...

Chen, Hong Ph.D., Purdue University, December 2009. Analysis of Access Control Poli­ cies in Operating Systems . Major Professor: Ninghui Li. Operating systems rely heavily on access control mechanisms to achieve security goals and defend against remote and local attacks. The complexities of modern access control mechanisms and the scale of policy configurations are often overwhelming to system...