Security is an essential requirement for business processes. However, we observe that security is mostly addressed at the technical implementation level and not at the design level. In a previous work we motivated the need to address security already in business process modeling. In this paper, we show how one could use Aspect-Oriented Programming (AOP) to enforce security requirements in a mod...

In this technology era every applications depends on networks, it may be local or Internet, Intranet or Extranet, wired or wireless. All networks require strong security consideration to ensure confidentiality and integrity of communication. This paper discusses network security and related issued specifically at Transport layer, which enables true end to end communication between peers. As sec...

The aspect-oriented paradigm aims to modularize concerns that crosscut traditional abstraction boundaries. In the AOSD community, there is an increasing interest in the development of reusable implementations of typical crosscutting concerns, such as security, synchronization, profiling, etc. To employ a reusable aspect in a concrete application, deployment logic has to be written that specifie...

This paper studies security engineering of distributed systems when following the chemical-programming paradigm, represented here by the High-Order Chemical Language (HOCL). We have analysed how to model secure systems using HOCL. Emphasis is on modularity, hence we advocate for the use of aspect-oriented techniques, where security is seen as a cross-cutting concern impacting the whole system. ...

Cyber Physical System (CPS) is extensively used in various fields like critical infrastructure control, vehicular system and transportation, social networking, medical and healthcare systems. The security concern for CPS is of utmost importance. CPS is vulnerable to many kinds of attacks that may cause major loss and potential security risk. In this paper, we will elaborate the requirement of s...

As time and frequency distribution protocols are becoming increasingly common and widely deployed, concern about their exposure to various security threats is increasing. This document defines a set of security requirements for time protocols, focusing on the Precision Time Protocol (PTP) and the Network Time Protocol (NTP). This document also discusses the security impacts of time protocol pra...

This document proposes a framework for security in ANSA. A major concern of ANSA is support for systems that are not part of a common management hierarchy, but which nevertheless need to cooperate. The ANSA security framework shows how security may be provided, both within and between such systems. ANSA has adopted an object-based model to support the requirements of distribution. The ANSA secu...

Several Open Source electronic commerce servers exist today. With Open Source applications, security is a concern. One Open Source electronic commerce suite, WebStore, was downloaded and its documentation and source code were evaluated for security flaws. Disclosure, integrity, and denial of service vulnerabilities exist in the WebStore architecture. Details of these vulnerabilities are present...

The security risks of Internet banking have always been a concern to the service providers and users. There has been a global trend to adopt a multi-factor authentication scheme to increase the security of Internet banking. However, the introduction of two-factor authentication has not been well received. Particularly, there has been a conception that it creates barriers to Internet banking use...

The literature agrees that the major threat to IS security is constituted by careless employees. Therefore, effective IS security requires that users are not only aware of, but also comply with organizations’ IS security policies and procedures. To address this important concern, different IS security awareness, education and enforcement approaches have been proposed. Prior research on IS secur...