Quantcast
Channel: Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE)
Browsing latest articles
Browse All 58 View Live

Introduction to Cryptography, Part II

Outline: - Probabilistic encryption -- Average Case Computational Di culty and the Worst Case Di culty - Identity-Based Public-Key Cryptography - Fair Coin Flipping Using Public-Key Cryptography - Fair...

View Article


Issues in the Security Architecture of the Computerized Patient Record...

We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...

View Article


Issues in the Security Architecture of the Computerized Patient Record...

We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...

View Article

Issues in the Security Architecture of the Computerized Patient Record...

We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...

View Article

JAMES: Junk Authorizations for Massive-scale Enterprise Services

The request-response paradigm used for distributed access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the...

View Article


Mastering Web Services Security

We present material on how to use the architectures and technologies and how to understand the specifications that are available to build a secure Web Services system. Since this technology is rapidly...

View Article

Method and System for Authorization and Access to Protected Resources

The present invention relates to the access of data resources using a Resource Access Decision Facility (RAD), preferably a CORBA RAD. More particularly, embodiments of the present invention provide...

View Article

Middleware and Web Services Security

Challenges of designing secure distributed applications are due to distribution, scale and object orientation. We will discuss the functionalities and capabilities of the security mechanisms of today...

View Article


Middleware and Web Services Security Mechanisms

Learning objectives: Gain a working knowledge of the security mechanisms of current Middleware and Web Services technologies. Overview: Challenges of designing secure distributed applications are due...

View Article


Object Security Attributes: Enabling Application-specific Access Control in...

This paper makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. First, it develops a simple classification framework for...

View Article

Object Security Attributes: Enabling Application-specific Access Control in...

This presentation makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. First, it develops a simple classification framework...

View Article

Official Requirements and Recommendations from Various Organizations on...

This report describes recommendations and official requirements from various organizations that guide architecture of CPR security at BHSSF.

View Article

On the Benefits of Decomposing Policy Engines into Components

In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. However, application developers and administrators should...

View Article


Overview of CORBA Security

Outline: • Introduction into computer security • Security in OO systems • CORBA security model overview • Application access control in CORBA • Resource Access Decision Facility • Further Information

View Article

Performance Considerations for a CORBA-based Application Authorization Service

Resource Access Decision (RAD) Service allows separation of authorization from application functionality in distributed application systems by providing a logically centralized authorization control...

View Article


Preview: Mastering Web Services Security

This presentation gives an overview of the upcoming book on Mastering Web Services Security that I co-authored with my colleagues at Quadrasis.

View Article

Resource Access Decision Facility: Overview

Outline: • Why you need Resource Access Decision Facility • Main aspects of RAD specification design • Main design decisions made by RAD submission team

View Article


Resource Access Decision Server: Design and Performance Considerations

Presentation on the design and the conducted performance measurements of RAD server prototype built at CADSE. Outline: • Introduction • RAD Specification Overview • RAD Prototype Design • Performance...

View Article

Resource Names for Resource Access Decision (Facility)

Presentation given to the joint SecSIG/CORBAmed session on Resource Access Decision facility, as part of the presentation on the revised submission to the OMG Healthcare Resource Access Control RFP....

View Article

Security Engineering for Large Scale Distributed Applications

The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. As a result, secure distributed applications are a) very expensive and...

View Article

Security Engineering for Large Scale Distributed Applications

The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. As a result, secure distributed applications are a) very expensive and...

View Article


Security Requirements in Healthcare

Presentation on requirements in US healthcare organizations to security vendors, given to the joint SecSIG/CORBAmed session. Outline: • Risks • Requirements – Security requirements to the healthcare...

View Article


SPAPI: A Security and Protection Architecture for Physical Infrastructures...

In recent years, concerns about the safety and security of critical infrastructures have increased enormously. The se infrastructures can easily become subjects of physical and cyber attacks. In this...

View Article

Supporting Relationships in Access Control Using Role Based Access Control

The Role Based Access Control (RBAC) model and mechanism have proven to be useful and effective. This is clear from the many RBAC implementations in commercial products. However, there are many common...

View Article

Taxonomy of CPR Enterprise Security Concerns at Baptist Health Systems of...

This document categorizes security concerns of Computerized Patient Record enterprise according to federal and Florida state legal requirements, as well as to the internal security policies of Baptist...

View Article

Browsing latest articles
Browse All 58 View Live