Physical keys are easy to use but difficult to manage securely for large institutions. Digital replacements have been created, but dedicated hardware such as smartcards or RFID tags can have the same problems as physical keys. Several commercial products try to solve this by using the users’ Bluetoothenabled mobile devices as keys, but the built-in security of the Bluetooth standard is insuffic...

In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in...

We present a method for mapping security levels among the components of a distributed system where data in the local sources are represented in XML. Distributed data is integrated using a semantic-based approach that maps each XML schema into an RDF schema and subsequently integrates those schemas into a global RDF schema using a global as view (GAV) approach. We transform the security levels d...

There have been m any studies ofthe m anagem entofpersonalsecretssuch asPIN codes,passwords,etc.,in access controlm echanism s. The leakage of personal secrets is one of the m ost significant problem s in access control. To reducesuch risks,wesuggesta way ofauthenticating custom ers withouttransferring explicitcustom ersecrets.Furtherm ore,wegivea secureonline transaction schem e based on ourac...

Outsourcing data to cloud environments can offer ease of access, provisioning, and cost benefits, but makes the data more vulnerable to disclosure. Loss of complete control over the data can be offset through encryption, but this approach requires an omniscient third party key authority to handle key management, increasing overhead complexity. We present the ZeroVis framework that provides conf...

Android devices are increasingly used in corporate settings. Although openness and cost-effectiveness are key factors to opt for the platform, its level of data protection is often inadequate for corporate use. This paper presents a strategy for secure credential and data storage in Android. It is supplemented by a context-aware mechanism that restricts data availability according to predefined...

Pervasive communication and forward-error correction have garnered minimal interest from both end-users and security experts in the last several years. Given the current status of unstable configurations, statisticians shockingly desire the deployment of extreme programming, which embodies the typical principles of algorithms. In order to answer this question, we concentrate our efforts on argu...

The intent of peer data management systems (PDMS) is to share as much data as possible. However, in many applications leveraging sensitive data, users demand adequate mechanisms to restrict the access to authorized parties. In this paper, we study a distributed access control model, where data items are stored, queried and authenticated in a totally decentralized fashion. Our contribution focus...

Distributed implementations of access control abound in distributed storage protocols. While such implementations are often accompanied by informal justifications of their correctness, our formal analysis reveals that their correctness can be tricky. In particular, we discover several subtleties in a state-of-the-art implementation based on capabilities, that can undermine correctness under a s...

Hierarchical access control to ensure multiple levels of access privilege for group members is required in many environments, such as hierarchically managed organizations and multimedia applications. In this paper, to efficiently and effectively achieve this goal, we propose a distributed key management scheme whereby each SG (Service Group) maintains an SG server. This server is utilized to ma...