DOI: 10.1145/3589608
SACMAT '23: Proceedings of the 28th ACM Symposium on Access Control Models and Technologies
ACM 2023 Proceeding
Publisher:
Association for Computing Machinery, New York, NY, United States
Conference:
SACMAT '23: The 28th ACM Symposium on Access Control Models and Technologies Trento Italy June 7 - 9, 2023
ISBN:
979-8-4007-0173-3
Published:
24 May 2023

Abstract

It is our great pleasure to welcome you to the 28th ACM Symposium on Access Control Models and Technologies (SACMAT 2023). This year's symposium continues its tradition of being the premier venue for presenting research results and experience reports on cutting edge advances on access control, including models, systems, applications, and theory, while also embracing a renovated focus on the general area of computer security.

The overarching goal of the symposium is to share novel access control and computer security solutions that fulfill the needs of emerging applications and environments, and also to identify new directions for future research and development. ACM SACMAT provides researchers and also practitioners with a unique opportunity to share their perspectives with others interested in the various aspects of access control and computer security.

Like last year, we had two submission cycles, one in Fall 2022 and another in Spring 2023. We received a total of 49 submissions from different countries around the world.

SESSION: Keynote Talks
keynote
The Category-Based Approach to Access Control, Obligations and Privacy

The category-based access control metamodel provides an axiomatic framework for the specification of access control models. In this talk, we give an overview of the category-based approach to access control, obligation and privacy policy specification.

keynote
WebSheets: A New Privacy-Centric Framework for Web Applications

Spreadsheets are enormously popular because they enable non-programmers to create applications that manipulate tabular data. The core functionality of many web applications is to display and manipulate tabular data, typically stored in databases. These ...

keynote
Access Control Vulnerabilities in Network Protocol Implementations: How Attackers Exploit Them and What To Do About It

Authentication and access control mechanisms should verify the identity of users of a system and ensure that these users only act within their intended permissions. These mechanisms, alongside audit or intrusion detection, have been called the "...

SESSION: Regular Track 1: Privacy
research-article
Open Access
A Framework for Privacy-Preserving White-Box Anomaly Detection using a Lattice-Based Access Control

Privacy concerns are amongst the core issues that will constrain the adoption of distributed anomaly detection. Indeed, when outsourcing anomaly detection, i.e. with a party other than the data owner running the detection, confidential or private aspects ...

research-article
Open Access
Privacy-Preserving Multi-Party Access Control for Third-Party UAV Services

Third-Party Unmanned Aerial Vehicle (UAV) Services, a.k.a. Drone-as-a-Service (DaaS), are an increasingly adopted business model, which enables possibly unskilled users, with no background knowledge, to operate drones and run automated drone-based tasks. ...

research-article
Open Access
Federated Synthetic Data Generation with Stronger Security Guarantees

Synthetic data generation plays a crucial role in many areas where data is scarce and privacy/confidentiality is a significant concern. Generative Adversarial Networks (GANs), arguably one of the most widely used data synthesis techniques, allow for the ...

SESSION: Demo and Posters
short-paper
Demo: A Multimodal Behavioral Biometric Scheme for Smartphone User Authentication (MBBS)

In this demo paper, we introduce MBBS - a tetra-model behavioral biometric authentication scheme for smartphones. MBBS leverages four modalities: the way a smartphone user (i) swipes on the touchscreen, (ii) taps any combination of "text-independent" 8-...

poster
Poster: APETEEt -- Secure Enforcement of ABAC Policies using Trusted Execution Environment

We introduce a novel framework for efficient enforcement of Attribute-Based Access Control (ABAC) policies using trusted execution environment. An ABAC policy is represented in the form of a height-balanced tree constructed and deployed in the trusted ...

poster
Poster: Attribute Based Access Control for IoT Devices in 5G Networks

The deployment of 5G technology has the potential to usher in a new era for the internet of things (IoT). The introduction of new use cases, such as massive machine-type communications (mMTC), referring to a large number of IoT devices, resulting in the ...

poster
Poster: How to Raise a Robot - Beyond Access Control Constraints in Assistive Humanoid Robots

Humanoid robots will be able to assist humans in their daily life, in particular due to their versatile action capabilities. However, while these robots need a certain degree of autonomy to learn and explore, they also should respect various constraints, ...

poster
Poster: Integrating Spatio-temporal Authorization with Generic Cloud-based Software Architecture for Internet of Things Devices

The significant rise in the usage of IoT devices and their security issues has created a demand for improved security for these systems. Unfortunately, no standard IoT architecture exists, making the development of security solutions for IoT systems ...

poster
Poster: Non-repudiable Secure Logging System for the Web

To resolve disputes between servicers providing web services and their users, non-repudiable evidence is crucial because it allows one party to dismiss the denial of facts or false allegations. We propose a logger that securely records web requests and ...

SESSION: Regular Track 2: Management and Analysis of Policies
research-article
Open Access
SEAL: Capability-Based Access Control for Data-Analytic Scenarios

Data science is the basis for various disciplines in the Big-Data era. Due to the high volume, velocity, and variety of big data, data owners often store their data in data servers. Past few years, many computation techniques have emerged to protect the ...

research-article
Open Access
SpaceMediator: Leveraging Authorization Policies to Prevent Spatial and Privacy Attacks in Mobile Augmented Reality

Mobile Augmented Reality (MAR) is a portable, powerful, and suitable technology that integrates digital content, e.g., 3D virtual objects, into the physical world, which not only has been implemented for multiple intents such as shopping, entertainment, ...

short-paper
Open Access
Synthesizing and Analyzing Attribute-Based Access Control Model Generated from Natural Language Policy Statements

Access control policies (ACPs) are natural language statements that describe criteria under which users can access resources. We focus on constructing NIST Next Generation Access Control (NGAC) ABAC model from ACP statements. NGAC is more complex than ...

short-paper
Security Analysis of Access Control Policies for Smart Homes

Ensuring security is crucial in smart home settings, where only authorized users should have access to home devices. Over the past decade, researchers have focused on developing access control policies and evaluating their efficacy in preventing ...

SESSION: Regular Track 3: Management of Expressive Policies
research-article
Expressive Authorization Policies using Computation Principals

In authorization logics, it is natural to treat computations as principals, since systems need to decide how much authority to give computations when they execute. But unlike other kinds of principals, the authority that we want to give to computations ...

research-article
Public Access
MSNetViews: Geographically Distributed Management of Enterprise Network Security Policy

Commercially-available software defined networking (SDN) technologies will play an important role in protecting the on-premises resources that remain as enterprises transition to zero trust architectures. However, existing solutions assume the entire ...

research-article
Best Paper
The Hardness of Learning Access Control Policies

The problem of learning access control policies is receiving increasing attention in research. We contribute to the foundations of this problem by posing and addressing meaningful questions on computational hardness. Our work addresses learning access ...

SESSION: Blue Sky/Vision Track
research-article
Open Access
SAFE-PASS: Stewardship, Advocacy, Fairness and Empowerment in Privacy, Accountability, Security, and Safety for Vulnerable Groups

Our vision is to achieve societally responsible secure and trustworthy cyberspace that puts algorithmic and technological checks and balances on the indiscriminate sharing and analysis of data. We achieve this vision in a holistic manner by framing ...

SESSION: Work-In-Progress Track
short-paper
Open Access
Sidecar-based Path-aware Security for Microservices

Microservice architectures decompose web applications into loosely-coupled, distributed components that interact with each other to provide an overall service. While this popular software architecture paradigm has many advantages in development and ...

short-paper
Public Access
Towards Automated Learning of Access Control Policies Enforced by Web Applications

Obtaining an accurate specification of the access control policy enforced by an application is essential in ensuring that it meets our security/privacy expectations. This is especially important as many of real-world applications handle a large amount ...

SESSION: Regular Track 4: Extension of Access Control
research-article
Coverage-Based Testing of Obligations in NGAC Systems

The administrative obligation is a unique feature of Next Generation Access Control (NGAC), a standard for implementing fine-grained attribute-based access control. It provides a programming mechanism for run-time privilege changes by attaching ...

research-article
Data Sharing in Social Networks

In the context of multi-user cooperative systems and, in particular, in social networks, personal data is uploaded to user profiles and shared with other users. These data are often jointly owned and associated with different degrees of sensitivity ...

short-paper
Specifying a Usage Control System

Modern system architectures require sophisticated access and usage control mechanisms. The need stems from demanding requirements for security, data sovereignty and privacy regulations, as well as the challenges presented by architectural approaches like ...

short-paper
Qualitative Intention-aware Attribute-based Access Control Policy Refinement

Designing access control policies is often expensive and tedious due to the heterogeneous systems, services, and diverse user demands. Although ABAC policy and decision engine creation methods based on machine learning have been proposed, they cannot ...

Contributors
  • University of Trento
  • Bruno Kessler Foundation
  • Old Dominion University

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%
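
| Year | Submitted | Accepted | Rate |
|---|---|---|---|
| SACMAT '19 | 52 | 12 | 23% |
| SACMAT '18 | 50 | 14 | 28% |
| SACMAT '17 Abstracts | 50 | 14 | 28% |
| SACMAT '16 | 55 | 18 | 33% |
| SACMAT '15 | 59 | 17 | 29% |
| SACMAT '14 | 58 | 17 | 29% |
| SACMAT '13 | 62 | 19 | 31% |
| SACMAT '12 | 73 | 19 | 26% |
| SACMAT '09 | 75 | 24 | 32% |
| SACMAT '03 | 63 | 23 | 37% |
| Overall | 597 | 177 | 30% |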