The Experts below are selected from a list of 27126 Experts worldwide ranked by ideXlab platform
Mark Ryan - One of the best experts on this subject based on the ideXlab platform.
-
X-Policy: Knowledge-based Verification Tool for Dynamic Access Control Policies
2013Co-Authors: Hasan Qunoo, Mark RyanAbstract:Verifying the correctness of large, complex and Dynamic Access Control policies by hand is insufficient and error-prone. We present X-policy, a knowledge-based verification tool that can analyse the system's vulnerabilities where the attackers can act as a coalition of users, use the system, share knowledge and collaborate with each other to achieve the attack. We present a policy language that is able to express Dynamic Access Control policies and a corresponding query language. We model the EasyChair conference management system and we analyse in details three security properties of EasyChair using our model. Finally, we compare our results with similar tools and we discuss the results and the advantages of our tool and approach.
-
ICFEM - A knowledge-based verification method for Dynamic Access Control policies
Formal Methods and Software Engineering, 2011Co-Authors: Masoud Koleini, Mark RyanAbstract:We present a new approach for automated knowledge-based verification of Access Control policies. The verification method not only discovers if a vulnerability exists, but also produces the strategies that can be used by the attacker to exploit the vulnerability. It investigates the information needed by the attacker to achieve the goal and whether he acquires that information when he proceeds through the strategy or not. We provide a policy language for specifying Access Control rules and the corresponding query language that is suited for expressing the properties we aim to verify. The policy language is expressive enough to handle integrity constraints and policy invariants. Finally, we compare the results and enhancements of the current method - implemented as a policy verification tool called PoliVer - over similar works in the context of Dynamic Access Control policy verification.
-
Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems
2010Co-Authors: Hasan Qunoo, Mark RyanAbstract:We present a modelling language, called X-Policy, for web-based collaborative systems with Dynamic Access Control policies. The Access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex Access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.
-
DBSec - Modelling Dynamic Access Control policies for web-based collaborative systems
Lecture Notes in Computer Science, 2010Co-Authors: Hasan Qunoo, Mark RyanAbstract:We present a modelling language, called X-Policy, for web-based collaborative systems with Dynamic Access Control policies. The Access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex Access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.
Depei Qian - One of the best experts on this subject based on the ideXlab platform.
-
A new Grid security framework with Dynamic Access Control
Lecture Notes in Computer Science, 2004Co-Authors: Bing Xie, Xiaolin Gui, Depei QianAbstract:In this paper, a new Grid security framework based on Dynamic Access Control is introduced to address some security problem in Grid. Based on the Dynamic evaluating results about trusts among resources and users, users secure Access levels are changed Dynamically. The track of users behaviors using resources is criterion for assigning secure levels to different users and for allocating the resources to users in the next application execution. Here, the Dynamic Access Controls are realized by mapping users secure levels to Access rights. In our experiment Grid, the evaluation mechanism of users behaviors is applied to support the Dynamic Access Control to Grid resources.
-
GCC - A New Grid Security Framework with Dynamic Access Control
Lecture Notes in Computer Science, 2004Co-Authors: Bing Xie, Xiaolin Gui, Depei QianAbstract:In this paper, a new Grid security framework based on Dynamic Access Control is introduced to address some security problem in Grid. Based on the Dynamic evaluating results about trusts among resources and users, users secure Access levels are changed Dynamically. The track of users behaviors using resources is criterion for assigning secure levels to different users and for allocating the resources to users in the next application execution. Here, the Dynamic Access Controls are realized by mapping users secure levels to Access rights. In our experiment Grid, the evaluation mechanism of users behaviors is applied to support the Dynamic Access Control to Grid resources.
Hasan Qunoo - One of the best experts on this subject based on the ideXlab platform.
-
X-Policy: Knowledge-based Verification Tool for Dynamic Access Control Policies
2013Co-Authors: Hasan Qunoo, Mark RyanAbstract:Verifying the correctness of large, complex and Dynamic Access Control policies by hand is insufficient and error-prone. We present X-policy, a knowledge-based verification tool that can analyse the system's vulnerabilities where the attackers can act as a coalition of users, use the system, share knowledge and collaborate with each other to achieve the attack. We present a policy language that is able to express Dynamic Access Control policies and a corresponding query language. We model the EasyChair conference management system and we analyse in details three security properties of EasyChair using our model. Finally, we compare our results with similar tools and we discuss the results and the advantages of our tool and approach.
-
Modelling and verifying Dynamic Access Control policies using knowledge-based model checking
2012Co-Authors: Hasan QunooAbstract:This thesis advances the modelling and verification of Access Control policies by using automated knowledge-based symbolic model checking techniques. The key contributions of this thesis are threefold: firstly, a modelling language that expresses Dynamic Access Control policies with compound actions that update multiple variables; secondly, a knowledge-based verification algorithm that verifies properties over an Access Control policy that has compound actions; and finally, an automated tool, called X-Policy, which implements the algorithm. This research enables us to model and verify Access Control policies for web-based collaborative systems. We model and analyse a number of conference management systems and their security properties. We propose the appropriate modifications to rectify the policies when possible. Ultimately, this research will allow us to model and verify more systems and help avoid the current situation.
-
Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems
2010Co-Authors: Hasan Qunoo, Mark RyanAbstract:We present a modelling language, called X-Policy, for web-based collaborative systems with Dynamic Access Control policies. The Access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex Access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.
-
DBSec - Modelling Dynamic Access Control policies for web-based collaborative systems
Lecture Notes in Computer Science, 2010Co-Authors: Hasan Qunoo, Mark RyanAbstract:We present a modelling language, called X-Policy, for web-based collaborative systems with Dynamic Access Control policies. The Access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex Access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.
Zhang Yuan-yang - One of the best experts on this subject based on the ideXlab platform.
-
Role-based Dynamic Access Control model for Web Services
Journal of Computer Applications, 2006Co-Authors: Zhang Yuan-yangAbstract:The current Access Control models are mostly static and coarsely grained; they are not well-suited for the service-oriented Web Services environments where information Access is Dynamic. In order to solve this problem, a role-based Dynamic Access Control (RBDAC) model for Web Services was proposed. The RBDAC model can activate role assignments and permission assignments based on context information, and make Access Control decision Dynamically.
Bing Xie - One of the best experts on this subject based on the ideXlab platform.
-
A new Grid security framework with Dynamic Access Control
Lecture Notes in Computer Science, 2004Co-Authors: Bing Xie, Xiaolin Gui, Depei QianAbstract:In this paper, a new Grid security framework based on Dynamic Access Control is introduced to address some security problem in Grid. Based on the Dynamic evaluating results about trusts among resources and users, users secure Access levels are changed Dynamically. The track of users behaviors using resources is criterion for assigning secure levels to different users and for allocating the resources to users in the next application execution. Here, the Dynamic Access Controls are realized by mapping users secure levels to Access rights. In our experiment Grid, the evaluation mechanism of users behaviors is applied to support the Dynamic Access Control to Grid resources.
-
GCC - A New Grid Security Framework with Dynamic Access Control
Lecture Notes in Computer Science, 2004Co-Authors: Bing Xie, Xiaolin Gui, Depei QianAbstract:In this paper, a new Grid security framework based on Dynamic Access Control is introduced to address some security problem in Grid. Based on the Dynamic evaluating results about trusts among resources and users, users secure Access levels are changed Dynamically. The track of users behaviors using resources is criterion for assigning secure levels to different users and for allocating the resources to users in the next application execution. Here, the Dynamic Access Controls are realized by mapping users secure levels to Access rights. In our experiment Grid, the evaluation mechanism of users behaviors is applied to support the Dynamic Access Control to Grid resources.
