The Generalized Temporal Role Based Access Control (GTRBAC) model introduces a large set oftemporal constraint expressions that facilitates the specification of a comprehensive accesscontrol policy. However, the issue of its expressiveness has not been investigated earlier. In thispaper, we present an exhaustive analysis of the expressiveness of the constructs provided byGTRBAC ...

With the apparition of accurate security monitoring tools, the gathered alerts are requiring operators to take action to prevent damage from attackers. Intrusion prevention currently provides isolated response mechanisms that may take a local action upon an attack. While this approach has been taken to enhance the security of particular network access control points, it does not constitute a co...

Access control is a process which control users to execute some operations of access some network resource according to the users identify of attribution. This paper analyzes current access control model, and extends the RBAC (role based access control) model, and based on which we propose a trust based access control model in Multi-domain environment (MDTRBAC). Design a heap-based trust manage...

with rapid development and increase in the amount of available resources in E-learning platforms, the need to design new architecture for such systems has become inevitable to improve the search quality and simplifying ways to take online courses. The integration of multi-agent systems has played a very important role in developing open, interactive and distributed learning systems. A lot of re...

In many collaborative systems, users can trigger the execution of commands in a process owned by another user. Unless the access rights of such processes are limited, any user in the collaboration can: (1) gain access to another's private les; (2) execute applications on another user's behalf; or (3) read public system les, such as the password le, on another user's machine. However, some appli...

The Android software stack for mobile devices defines and enforces its own security model for apps through its application-layer permissions model. However, at its foundation, Android relies upon the Linux kernel to protect the system from malicious or flawed apps and to isolate apps from one another. At present, Android leverages Linux discretionary access control (DAC) to enforce these guaran...

Pervasive-computing infrastructures necessarily collect a lot of context information to disseminate to their context-aware applications. Due to the personal or proprietary nature of much of this context information, however, the infrastructure must limit access to context information to authorized persons. In this paper we propose a new access-control mechanism for event-based contextdistributi...

Separation of duties is an important, real-world requirement that access control models should support. In 13], Sandhu introduced the transaction control expression (TCE) for specifying dynamic separation of duties. In this paper we consider the implementation of TCEs in the typed access matrix model (TAM) recently proposed by Sandhu 16]. We show that TAM requires extension for satisfactory han...

Separation of duties is an important, real-world requirement that access control models should support. In [13], Sandhu introduced the transaction control expression (TCE) for specifying dynamic separation of duties. In this paper we consider the implementation of TCEs in the typed access matrix model (TAM) recently proposed by Sandhu [16]. We show that TAM requires extension for satisfactory h...

Commodity software components are intrinsically untrustworthy. It is highly insecure to use them directly in mission critical systems. Part of the insecurity can be attributed to the common-used but flawed mechanisms for discretionary access control, which is coarsegrained and based on user’s privileges. Many alternative mechanisms have been investigated to provide mandatory access control that...