In this paper, we investigate issues pertaining to the assessment of the impact of classification mining on database security. Specifically, the security threat presented by a category of classification mining algorithms that we refer to as decision-region based is analyzed. Providing safeguards against this threat requires, in part, the development of new security policies. Our specific contri...

We show how a wide variety of role-based access control policies may be formally specified in the stratified subset of clause form logic. We then show how these formal specifications may be automatically translated into a small subset of SQL to be used to seamlessly protect a relational database from unauthorized read and update requests made by authenticated users. We demonstrate the power of ...

Many modern software platforms today, including browsers, middle-ware server architectures, cell phone operating systems, web application engines, support third-party software extensions. This paper proposes InvisiType, an object-oriented approach that enables platform developers to efficiently enforce fine-grain safety checks on third-party extensions without requiring their cooperation. This ...

Personalized security in E-banking is an important issue for many individuals and companies that are looking for achieving the proper level of security. The cloud environment is a suitable infrastructure to implement personalized security mechanisms for many big companies such as banks. Employing mandatory access controls boosts the security of E-banking to a high level. Flask architecture is t...

In today's eld of distributed architectures there is a need for environments allowing the easy development of applications consisting of heterogeneous software modules and running on heterogeneous hardware platforms. From the security point of view, the challenge for such environments is to permit the interop-eration between applications specifying diierent, possibly inconsistent security polic...

In today's eld of distributed architectures there is a need for environments allowing the easy development of applications consisting of heterogeneous software modules and running on heterogeneous hardware platforms. From the security point of view, the challenge for such environments is to permit the interoperation between applications specifying di erent, possibly inconsistent security polici...

With the increase in information accessibility, security and privacy of data is a key concern, underscoring the need for managing security of system resources and objects in an enterprise. One of the most popular access control management approaches is to abstract security administration tasks by employing system and security policies [1]. While policy based security management approach offers ...

Workflow applications for large complex organizations often need to cross several security domains, each with different management and specific security requirements. The resultant cross-dependency between the workflow specification and the security policy of each domain can be hard to manage without specific tools. This work presents a static analyzer that automatically verifies the consistenc...