Channel: Latest Results
Browsing all 28 articles

An Introduction to the Role Based Trust Management Framework RT

Abstract: Trust Management (TM) is a novel flexible approach to access control in distributed systems, where the access control decisions are based on the policy statements, called credentials, made by...

The Meaning of Logs

Abstract: While logging events is becoming increasingly common in computing, in communication and in collaborative environments, log systems need to satisfy increasingly challenging (if not conflicting)...

Trust Management

Trust Management in P2P Systems Using Standard TuLiP

In this paper we introduce Standard TuLiP - a new logic based Trust Management system. In Standard TuLiP, security decisions are based on security credentials, which can be issued by different entities...

Boosting Web Intrusion Detection Systems by Inferring Positive Signatures

Abstract: We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two...

Know What You Trust

Abstract: In Decentralized Trust Management (DTM) authorization decisions are made by multiple principals who can also delegate decisions to each other. Therefore, a policy change of one principal will...

Panacea: Automating Attack Classification for Anomaly-Based Network Intrusion...

Abstract: Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We...

LP with Flexible Grouping and Aggregates Using Modes

Abstract: We propose a new grouping operator for logic programs based on the bagof predicate. The novelty of our proposal lies in the use of modes, which allows us to prove properties regarding...

Formal Aspects of Security and Trust

Preface of Special Issue on “Computer Security: Foundations and Automated...

Model-based qualitative risk assessment for availability of IT infrastructures

Abstract: For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often...

N-Gram against the Machine: On the Feasibility of the N-Gram Network Analysis...

Abstract: In recent years we have witnessed several complex and high-impact attacks specifically targeting “binary” protocols (RPC, Samba and, more recently, RDP). These attacks could not be detected by...

Risk and Business Goal Based Security Requirement and Countermeasure...

Abstract: Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but...

Formal Aspects of Security and Trust

The POLIPO Security Framework

Abstract: Systems of systems are dynamic coalitions of distributed, autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of...

Policy Administration in Tag-Based Authorization

Abstract: Tag-Based Authorization (TBA) is a hybrid access control model that combines the ease of use of extensional access control models with the expressivity of logic-based formalisms. The main...

Linking Unlinkability

Abstract: Unlinkability is a privacy property of crucial importance for several systems (such as RFID or voting systems). Informally, unlinkability states that, given two events/items in a system, an...

On Emulation-Based Network Intrusion Detection Systems

Abstract: Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an...

Hunting the Unknown

Abstract: Data leakage causes significant losses and privacy breaches worldwide. In this paper we present a white-box data leakage detection system to spot anomalies in database transactions. We argue...

Experimental Validation of a Risk Assessment Method

Abstract: [Context and motivation] It is desirable that requirement engineering methods are reliable, that is, that methods can be repeated with the same results. Risk assessment methods, however, often...
