DW-RBAC: A formal security model of delegation and revocation in workflow systems

One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current RBAC model is a security mechanism to implement access control in organizations by allowing users to be assigned to roles and privileges to be associated with the roles. Thus, users can perform tasks based on the privileges possessed by their own role or roles they inherit by virtue of their organizational position. However, there is no easy way to handle delegations within this model. This paper tries to treat the issues surrounding delegation in workflow systems in a comprehensive way. We show how delegations can be incorporated into the RBAC model in a simple and straightforward manner. The new extended model is called RBAC with delegation in a workflow context (DW-RBAC). It allows for delegations to be specified from a user to another user, and later revoked when the delegation is no longer required. The implications of such specifications and their subsequent revocations are examined. Several formal definitions for assertion, acceptance, execution and revocation are provided, and proofs are given for the important properties of our delegation framework.     

一种改进的安全文件系统模型设计

如何彻底删除计算机中的数据是当前亟待解决的信息安全问题之一。分析了文件删除的原理,在文件系统驱动层引入了安全访问控制策略和数据覆写技术,提出了一种改进的带有安全删除机制的文件系统模型,解决了数据安全销毁的问题。     

Reflections on ten years of computer security

The progress in computer security in the last ten years is reviewed by the authors of the “Executive Guide for Computer Security.” This Guide was based on the results of a Workshop on Controlled Accessibility held ten years ago in December 1972.     

A survey of issues in computer network security

Computer networks are proliferating rapidly for a number of reasons discussed in this paper. During this boom, relatively little attention has been paid to computer network security. This paper describes problems posed by network security and presents a survey of methods and technologies available today to enhance network security. Current methods are discussed, including information security strategy, computer security and its relation to network security, data communications security, and data encryption. Ideas from promising areas of research close the paper.     

A model for multilevel security in computer networks

A model is presented that precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network. The mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of nondiscretionary access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the model     

计算机网络应用中的安全性评价及对策研究

在现代社会中,信息技术的发展给人们带来了以前所不可想象的方便与便捷.计算机网络技术作为信息技术的重要方面之一,也得到了前所未有的进步,从而使得信息资源得到充分的分享和高效的利用.然而,人们在享受计算机网络应用的便利的同时,在计算机网络应用过程中所出现的安全性问题也不可忽视.本文在介绍了部分计算机网络应用现状的基础上,分析了计算机网络应用中所出现的一些安全性问题,并在此基础之上探讨和研究了几点解决计算机网络应用安全问题的对策.     

改进的多级安全模型的设计与实现

在分析BLP模型和RBAC模型及其相关衍生模型的基础上,提出一种改进的模型。改进模型主要有4个重要特点：（1）实施完整性控制,保证信息流上写安全性;（2）限定可信主体,赋予其余主体有限特权;（3）实施RBAC模型,分配角色和权限;（4）引入审计机制,提供策略监控。实验结果表明,改进后的模型在完善安全性的同时提高了实用性。     

A distributable security management architecture for enterprise systems spanning multiple security domains

Administering security in modern enterprise systems may prove an extremely complex task. Their large scale and dynamic nature are the main factors that contribute to this fact. A robust and flexible model is needed in order to guarantee both the easy management of security information and the efficient implementation of security mechanisms. In this paper, we present the foundations and the prototypical implementation of a new access control framework. The framework is mainly targeted to highly dynamic, large enterprise systems (e.g., service provisioning platforms, enterprise portals etc.), which contain various independent functional entities. Significant advantages gained from the application of the designated framework in such systems are epitomized in the easiness of managing access to their hosted resources (e.g., services) and the possibility of applying distributable management schemes for achieving it. The proposed framework allows for multi-level access control through the support of both role-based and user-based access control schemes. Discussion is structured in three distinct areas: the formal model of the proposed framework, the data model for supporting its operation, and the presentation of a prototypical implementation. The development of the framework is based on open technologies like XML, java and Directory Services. At the last part of the paper the results of a performance assessment are presented, aiming to quantify the delay overhead, imposed by the application of the new framework in a real system. Ioannis Priggouris received his B.Sc. in Informatics from the Department of Informatics & Telecommunications of the University of Athens, Greece in 1997 and his M.Sc. in Communication Systems and Data Networks from the same Department in 2000. Over the last years he has been a PhD candidate in the department. Since 1999, he has been a member of the Communication Networks Laboratory (CNL) of the University of Athens. As a senior researcher of the CNL he has participated in several EU projects implemented in the context of IST, namely the EURO-CITI and the PoLoS projects. He has also been extensively involved in several National IT Research projects. His research interests are in the areas of mobile computing, QoS and mobility support for IP networks, and network security. He is the author of several papers and book chapters in the aforementioned areas. Stathes Hadjiefthymiades received his B.Sc. (honors) and M.Sc. in Informatics from the Dept. of Informatics, University of Athens, Greece, in 1993 and 1996 respectively. In 1999 he received his Ph.D. from the University of Athens (Dept. of Informatics and Telecommunications). In 2002 he received a joint engineering-economics M.Sc. from the National Technical University of Athens. In 1992 he joined the Greek consulting firm Advanced Services Group, Ltd., where he was involved in the analysis, design and implementation of telematic applications and other software systems. In 1995 he joined, as research engineer, the Communication Networks Laboratory (UoA-CNL) of the University of Athens. During the period September 2001-July 2002, he served as a visiting assistant professor at the University of Aegean, Dept. of Information and Communication Systems Engineering. On the summer of 2002 he joined the faculty of the Hellenic Open University (Dept. of Informatics), Patras, Greece, as an assistant professor. Since December 2003, he is in the faculty of the Dept. of Informatics and Telecommunications, University of Athens, where he is presently an assistant professor and coordinator of the Pervasive Computing Research Group. He has participated in numerous projects realized in the context of EU programs (ACTS, ORA, TAP, and IST), EURESCOM projects, as well as national initiatives. His research interests are in the areas of web engineering, wireless/mobile computing, and networked multimedia applications. He is the author of over 100 publications in the above areas.     

A guide to NBS computer security literature

This bibliography lists the many special reports and technical studies in the field of computer security that have been published by the U.S. National Bureau of Standards [NBS]. In addition to an abstract of each of the published volumes, there is an index of key topics included in the more than 40 volumes.     

侵略型中国墙安全模型的RBAC配置的扩展研究

中国墙安全模型是商业信息安全领域中的一个重要的安全策略模型,但是它缺少有效的实施模型和机制。研究了侵略型中国墙安全模型的利益冲突关系、数据组织等,分析了基于角色的访问控制（RBAC）模型的控制机制,利用RBAC的“策略中性”原理,配置RBAC实施侵略型中国墙安全模型,并举例配置了拥有5个有利益冲突公司的RBAC模型。通过对RBAC的配置,使得侵略型中国墙安全模型可以更加方便有效地实施。     

A hybrid intrusion detection system design for computer network security

Intrusions detection systems (IDSs) are systems that try to detect attacks as they occur or after the attacks took place. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Intrusion detection systems can be misuse-detection or anomaly detection based. Misuse-detection based IDSs can only detect known attacks whereas anomaly detection based IDSs can also detect new attacks by using heuristic methods. In this paper we propose a hybrid IDS by combining the two approaches in one system. The hybrid IDS is obtained by combining packet header anomaly detection (PHAD) and network traffic anomaly detection (NETAD) which are anomaly-based IDSs with the misuse-based IDS Snort which is an open-source project.The hybrid IDS obtained is evaluated using the MIT Lincoln Laboratories network traffic data (IDEVAL) as a testbed. Evaluation compares the number of attacks detected by misuse-based IDS on its own, with the hybrid IDS obtained combining anomaly-based and misuse-based IDSs and shows that the hybrid IDS is a more powerful system.     

浅析计算机网络安全隐患及防范策略

随着科学技术水平的提升,当前计算机网络已经渗透到我们生活各个领域,影响着我们的工作学习方式,与此同时,网络安全问题也愈发的凸显出来。因为计算机网路自身的开放性质,很容易出现各方面的安全隐患,所以了解计算机网络安全问题的发生原因,并针对性的实施可行措施予以防范应对,是计算机专业领域的关键任务。     

Modeling contextual security policies

As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.

Data security in terminalized system

The use of terminalised systems has increased vulnerability and threats in banking services. Some of the risks will be discussed in this paper. Protection through the use of an access system is described in detail. Protection of cards and telecommunication system is also described. As conclusion, there are some suggestions on how to lower the risks in a terminalised EDP system.     

关于计算机网络安全的研究

随着计算机网络的日益复杂化和多样化,现阶段的系统安全防范措施已经无法满足现阶段的需求。因此,计算机网络安全的研究成为了一项十分紧急又重要的任务。笔者作为一名相关领域的工作者,也积极投入其中。本文从现阶段网络安全背景出发,对网络安全的风险分析和系统设计进行了相关介绍。对于计算机网络安全的研究人员,具有一定的参考价值。     

计算机网络的安全防范技术分析

近年来,随着我国科学技术的日益发展进步,计算机的应用越来越普及,在人们日常生活和工作中发挥着重要作用,影响着人们的生活质量和社会的发展。而且计算机的使用人群很广泛,不论是教师、公务员、医生或者农民、工人等等,都在逐渐接触它,无疑将是人类生存的重要助手。但正是如此,在使用计算机的过程中暴露了许许多多的问题,给人类带来了伤害,我们应该主动去防范,本文正是对此进行研究。     

计算机数据库安全防范策略探讨

计算机帮助人们解决了许多生活和工作上的问题,实现了生活中的“地球村”,但是与此同时,计算机在被广泛的应用中也存在着许多安全方面的问题,给人们的日常生活造成了困扰和损失。本文通过研究计算机数据库安全的重要性,给计算机数据库安全防范提出了一些建议和看法。     

Role engineering: From design to evolution of security schemes

This paper presents a methodology to design the RBAC (Role-Based Access Control) scheme during the design phase of an Information System. Two actors, the component developer and the security administrator, will cooperate to define and set up the minimal set of roles in agreement with the application constraints and the organization constraints that guarantee the global security policy of an enterprise. In order to maintain the global coherence of the existing access control scheme, an algorithm is proposed to detect the possible inconsistencies before the integration of a new component in the Information System.     

Enforcing the security of a time-bound hierarchical key assignment scheme

A time-bound hierarchical key assignment scheme is a method to assign a cryptographic key to each class of users in a system organized as a partially ordered hierarchy, in such a way that key derivation is constrained both by class relationships and by time. Recently, a time-bound hierarchical key assignment scheme based on tamper-resistant devices and requiring low computational load and implementation cost has been proposed. Unfortunately, the scheme is not secure.In this paper we show how three malicious users can handle public and private information to misuse their tamper-resistant devices in order to compute some encryption keys that they should not be able to learn. We also show some countermeasures to withstand the weakness we have exploited.