Community computing is an agent-based development paradigm for ubiquitous computing systems. In a community computing system, ubiquitous services are provided by cooperation among agents. While agents cooperate, they interact with each other continuously to access data of other agents and/or to execute other agent’s actions. However, in cases of security-critical ubiquitous services such as med...

This paper offers several contributions for separation of duty (SoD) administration in role-based access control (RBAC) systems. We first introduce a new formal framework, based on business perspective, where SoD constraints are analyzed introducing the activity concept. This notion helps organizations define SoD constraints in terms of business requirements and reduces management complexity in...

wind energy today, has attracted widespread interest from among a variety of sources of renewable energy in the world. owing to the increasing demand for production of electrical energy for electricity networks by using wind power, it is essential that wind power plants are actively incorporated in the network’s performance using an appropriate control system. in general, these wind power plant...

Role-based access control models are receiving increasing attention as a recent generalized approach to access control. In mobile computing environments (that offers location based services), availability of roles and permissions may depend on users location. To cope with the spatial requirements, we extend the existing RBAC model and propose a Spatial Role-based Access Control (SRBAC) model th...

The tasks a system administrator must fulfill become more and more complex as information systems increase in complexity and connectivity. More specifically, the problem of the expression and update of security requirements is central. Formal models designed to express security policies have proved to be necessary since they provide non ambiguous semantics to analyze them. However, such models ...

With the growing use of wireless networks and mobile devices, we are moving towards an era where location information will be necessary for access control. The use of location information can be used for enhancing the security of an application, and it can also be exploited to launch attacks. For critical applications, a formal model for location-based access control is needed that increases th...

Location-Based Access Control (LBAC) systems support the evaluation of conditions on locations in the enforcement of access control policies. The ability to evaluate conditions on a set of authorized locations has a number of well-known advantages, including enriching access control expressiveness. However, when locations are used in combination with personal identities, users privacy must be c...

Enforcing security requires the application of an access control model. The access control models used today have limitations that become evident when applied in collaborative environments, such as medical environments. To overcome these problems, a system has been developed in order to introduce dynamic access security. The system at hand combines effectively (C-TMAC) Team-based access control...

In this paper we show how DAC and MAC security policies can be specified, implemented and validated through mutation testing using a generic approach. This work is based on a generic security framework originally designed to support RBAC and OrBAC security policies and their implementation in Java applications.

Security requirements approached at the enterprise level initiate the need for models that capture the organisational and distributed aspects of information usage. Such models have to express organisation-specific security policies and internal controls aiming to protect information against unauthorised access and modification, and against usage of information for unintended purposes. This diss...