Semantic analysis of role mining results and shadowed roles detection
The use of role engineering has grown in importance with the expansion of highly abstracted access control frameworks in organizations. In particular, the use of role mining techniques for the discovery of roles from previously ...
Bridging the gap between role mining and role engineering via migration guides
In the context of role-based access control (RBAC), mining approaches, such as role mining or organizational mining, can be applied to derive permissions and roles from a system's configuration or from log files. In this way, mining ...
Analyses of two end-user software vulnerability exposure metrics (extended version)
Understanding the exposure risk of software vulnerabilities is an important part of the software ecosystem. Reliable software vulnerability metrics allow end-users to make informed decisions regarding the risk posed by the choice of ...
Analyzing settings for social identity management on Social Networking Sites: Classification, current state, and proposed developments
The rising prevalence of Social Networking Sites (SNS) and their usage in multiple contexts poses new privacy challenges and increasingly prompts users to manage their online identity. To address privacy threats stemming from ...
Toward web-based information security knowledge sharing
Today IT security professionals are working hard to keep a high security standard for their information systems. In doing so, they often face similar problems, for which they have to create appropriate solutions. An exchange of ...
Oblivious and fair server-aided two-party computation
We show efficient, practical (server-aided) secure two-party computation protocols ensuring privacy, correctness and fairness in the presence of malicious (Byzantine) faults. Our requirements from the server are modest. To ensure ...
InnoDB database forensics: Enhanced reconstruction of data manipulation queries from redo logs
The InnoDB storage engine is one of the most widely used storage engines for MySQL. This paper discusses possibilities of utilizing the redo logs of InnoDB databases for forensic analysis, as well as the extraction of the information ...
On measuring the parasitic backscatter of sensor-enabled UHF RFID tags
Radio-frequency identification (RFID) tags have found their way into many applications. When tags implement cryptographic algorithms, side-channel analysis (SCA) attacks become a concern. Especially tags in the ultra-high frequency (...
