با سلام خدمت کاربران در صورتی که با خطای سیستم پرداخت بانکی مواجه شدید از طریق کارت به کارت (6037997535328901 بانک ملی ناصر خنجری ) مقاله خود را دریافت کنید (تا مشکل رفع گردد).
ردیف | عنوان | نوع |
---|---|---|
1 |
Achieving security-by-design through ontology-driven attribute-based access control in cloud environments
دستیابی به امنیت توسط طراحی از طریق کنترل دسترسی مبتنی بر ویژگی شناسی مبتنی بر هستی شناسی در محیط های ابری-2019 The constantly increasing number of cyberattacks worldwide raise significant security concerns that
generally deter small, medium and large enterprises from adopting the cloud paradigm and benefitting
from the numerous advantages that it offers. One way to alleviate these concerns is to devise suitable
policies that infuse adequate access controls into cloud services. However, the dynamicity inherent in
cloud environments, coupled with the heterogeneous nature of cloud services, hinders the formulation
of effective and interoperable access control policies that are suitable for the underlying domain of
application. To this end, this work proposes an approach to the semantic representation of access control
policies and, in particular, to the semantic representation of the context expressions incorporated in
such policies. More specifically, the proposed approach enables stakeholders to accurately define the
structure of their policies, in terms of relevant knowledge artefacts, and thus infuse into these policies
their particular security and business requirements. This clearly leads to more effective policies, whilst
it enables semantic reasoning about the abidance of policies by the prescribed structure. In order to
alleviate the scalability concerns associated with semantic reasoning, the proposed approach introduces a
reference implementation that extends XACML 3.0 with an expert system fused with reasoning capabilities
through the incorporation of suitable meta-rules. Keywords: Context-aware security | Ontologies | Access control policies | Data privacy | Security-by-design | Semantic reasoning |
مقاله انگلیسی |
2 |
A graph-based framework for the analysis of access control policies
چارچوب مبتنی بر گراف برای تجزیه و تحلیل سیاست های کنترل دسترسی-2017 Article history:Received 18 July 2015Received in revised form 10 October 2016 Accepted 16 October 2016Available online 22 November 2016Keywords: Security policies Access controlOperational semantics Graph-based analysisWe design a graph-based framework for the analysis of access control policies that aims at easing the specification and verification tasks for security administrators. We consider policies in the category-based access control model, which has been shown to subsume many of the most well known access control models (e.g., MAC, DAC, RBAC). Using a graphical representation of category-based policies, we show how answers to usual administrator queries can be automatically computed, and properties of access control policies checked. We show applications in the context of emergency situations, where our framework can be used to analyse the interaction between access control and emergency management. 2016 Elsevier B.V. All rights reserved. Keywords:Security policies | Access control | Operational semantics | Graph-based analysis |
مقاله انگلیسی |
3 |
Towards more pro-active access control in computer systems and networks
به سمت کنترل دسترسی فعال تر در سیستم های کامپیوتری و شبکه-2015 Access control is a core security technology which has been widely used in computer
systems and networks to protect sensitive information and critical resources and to
counter malicious attacks. Although many access control models have been developed in
the past, such as discretionary access control (DAC), mandatory access control (MAC) and
role-based access control (RBAC), these models are designed primarily as a defensive
measure in that they are used for examining access requests and making authorization
decisions based on established access control policies. As the result, even after a malicious
access is identified, the requester can still keep issuing more malicious access requests
without much fear of punitive consequences from the access control system in subsequent
accesses. Such access control may be acceptable in closed systems and networks but is not
adequate in open systems and networks where the real identities and other critical information about requesters may not be known to the systems and networks. In this paper,
we propose to design pro-active access control so that access control systems can respond
to malicious access pro-actively to suit the needs of open systems and networks. We will
first apply some established principles in the Game Theory to analyze current access
control models to identify the limitations that make them inadequate in open systems and
networks. To design pro-active access control (PAC), we incorporate a constraint mechanism that includes feedback and evaluation components and show based on the Game
Theory how to make such access control respond to malicious access in a pro-active
manner. We also present a framework design of PAC and demonstrate through the
implementation of trust-based access control the feasibility of design, implementation and
application of pro-active access control. Such kind of models and mechanisms can serve as
the foundation for the design of access control systems that will be made more effective in
deterring malicious attacks in open systems and networks.
Keywords:
Security
Access control
Game theory
Evaluation
Payoffs
Trust |
مقاله انگلیسی |