This paper describes a secure role based messaging system design based on the use of X.509 Attribute Certificates for holding user roles. Access to the messages is authorised by the PERMIS Privilege Management Infrastructure, a policy driven role based access control (RBAC) infrastructure, which allows the assignment of roles to be distributed between trusted issuing authorities, and allows a c...

Business processes enable organizations to achieve business goals. Organizations require that their business processes exchange information in a secure environment. Access control mechanisms must be incorporated into the analysis, modeling, and design of business processes to prevent unauthorized access to information resources, to provide non-repudiation mechanisms, and to allow for segregatio...

one of the main requirements for providing software security is the enforcement of access control policies, which is sometimes referred to as the heart of security. the main purpose of access control policies is to protect resources of the system against unauthorized accesses. any error in the implementation of access control policies may lead to undesirable outcomes. hence, we should ensure th...

This paper describes our approach to designing a secure information grid for cyber physical systems and applications. We discuss access control and accountability for such semantic grid as well as secure infrastructure and storage issues.

Nowadays, Smartphones are widely used and they have a growing market share of already more than 55 % according to recent studies. They often contain sensitive or private data that can easily be accessed by an attacker if the device is unlocked. Since smartphones are mobile and used as everyday gadgets, they are susceptible to get lost or stolen. To prevent the data from being accessed by an att...

This paper proposes a door access control system with mobile phones which allows off-line delegations of an access. A model of door access control with mobile phones is introduced, and then the delegation is formalized as a copy of a door-key. On the previous model, secure copy by off-line is realized using the essential idea of the proxy signature. Moreover, the proposed system is implemented ...

Robust technological enforcement of DRM licenses assumes that the prevention of direct access to the raw bit representation of decrypted digital content and the license enforcement mechanisms themselves is possible. This is difficult to achieve on an open computing platform such as a PC. Recent trusted computing initiatives namely, the Trusted Computing Group (TCG) specification, and Microsoft’...

With the growing interest in service-oriented architectures, achieving seamless interoperability between heterogeneous middleware technologies has become increasingly important. While much work investigating functional interoperability between different middleware architectures has been reported, little practical work has been done on providing a unified and/or interoperable view of security be...

Real-world things are increasingly becoming fully qualified members of the Web. From, pacemakers and medical records to children’s toys and sneakers, things are connected over the Web and publish information that is available for the whole world to see. It is crucial that there is secure access to this Web of Things (WoT) and to the related information published by things on the Web. In this pa...

Storage Area Networks (SAN) are based on direct interaction between clients and storage servers exposing the storage server to network attacks. Giving the client direct access to the storage servers requires verification that the client requests conform with the system protection policy. Today, the only available solutions enforce access control at the granularity of entire storage servers. Thi...