Poster: Towards Secure Web 2.0 User Content Sharing Beyond Walled Gardens
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...
View ArticleSpeculative Authorizations
In a large-scale enterprise system, making authorization decisions is often computationally expensive due to the complexity of the policies involved and the large size of the resource and user...
View ArticleAnalysis of ANSI RBAC Support in Commercial Middleware
This thesis analyzes the access control architectures of three middleware technologies: Common Object Request Broker Architecture (CORBA), Enterprise Java Beans (EJB), and Component Object Model...
View ArticleToward Improving Availability and Performance of Enterprise Authorization...
In currently deployed large enterprise systems, policy enforcement points (PDPs) are commonly implemented as logically centralized authorization servers. This centralization provides important...
View ArticleRevealing Hidden Context: Improving Mental Models of Personal Firewall Users
The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of...
View ArticlePoster: Toward Enabling Secure Web 2.0 Content Sharing Beyond Walled Gardens
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...
View ArticleTowards Web 2.0 Content Sharing Beyond Walled Gardens
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this presentation,...
View ArticleOpen Problems in Web 2.0 User Content Sharing
Users need useful mechanisms for sharing their Web 2.0 content with each other in a controlled manner across boundaries of content-hosting and service providers (CSPs). In this paper, we discuss open...
View ArticleRevealing Hidden Context: Improving Mental Models of Personal Firewall Users
The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. However, concealing the impact of network context on the security state of the...
View ArticleUser Centered Design of ITSM Tools
IT Security Management (ITSM) requires collaboration between diverse stakeholders, has an environment of numerous technological and business specializations (is complex), has many issues that need to...
View ArticleTowards Enabling Web 2.0 Content Sharing Beyond Walled Gardens
Web 2.0 users have many choices of content-hosting or application-service providers (CSPs). It can be difficult for a user to share content with a set of real-life friends and associates; intended...
View ArticleRetrofitting Existing Web Applications with Effective Dynamic Protection...
This paper presents an approach for retrofitting existing web applications with run-time protection against known as well as unseen SQL injection attacks (SQLIAs) without the involvement of application...
View ArticleEffectiveness of IT Security Tools in Practice
In today's world, IT security plays a critical role in different organizations, yet little is known about IT security in the context of organizations. This paper addresses this issue based on...
View ArticleRevealing Hidden Context: Improving Users' Mental Models of Personal Firewalls
Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. However, our study of this interface revealed that concealing the impact of...
View ArticleTowards Understanding Diagnostic Work During the Detection and Investigation...
This study investigates how security practitioners perform diagnostic work during the identification of security incidents. Based on empirical data from 16 interviews with security practitioners, we...
View ArticleA Multi-method Approach for User-centered Design of Identity Management Systems
Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities. This includes designating who has access to resources, who grants that...
View ArticleAuthorization Recycling in RBAC Systems
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents...
View ArticleAuthorization Using the Publish-Subscribe Model
Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. As distributed...
View ArticleSupport for ANSI RBAC in EJB
We analyze access control mechanisms of the Enterprise Java Beans (EJB)architecture and define a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB...
View ArticleSecure Web 2.0 Content Sharing Beyond Walled Gardens
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). In this paper, we...
View Article