Enforcing security in semantics driven policy based networks

Abstract: Abstract-Security is emerging as an important requirement for a number of distributed applications such as online banking, social networking etc. due to the private nature of the data being involved. Further more, the wide spread use of portable devices such as laptops, PDAs etc. allows users to make meaningful ad hoc collaborations. Traditional security solutions are not feasible for these scenarioes due to the varying nature of the collaborations in terms of entities involved and their roles, available resou… Show more

“…3 Attestation techniques Information Unauthorized access, Information loss scc 4 Repudiation mechanisms Information Manipulation of info, Information loss scc 5 Isolation means Software System failure, Malicious code scc 6 Input validation strategies Software Malicious code, Denegation of service scc 7 Settings change management strategies Software Malicious code, Privileges escalation scc 8 Versions management strategies Information Manipulation of information, Malicious code scc 9 Monitoring strategies Software Privileges escalation, System failure, Unauthorized access, Malicious code, Denegation of service scc 10 Software execution schemas Software System failure, Malicious code scc 11 Session time assignment Software Privileges escalation, Unauthorized access, Malicious code scc 12 Resource exposure Information Unauthorized access, Eavesdropping scc 13 Alert mechanisms Software, Information Unauthorized access, Eavesdropping, Manipulation of information, Information loss, Denegation of service, Malicious code, Privileges escalation, System failure scc 14 User advertising strategies Software, Information Manipulation of Information, Information loss, Unauthorized access scc 15 Routing mechanisms Information Eavesdropping, Denegation of service scc 16 Backup strategies Information Manipulation of information, Information loss, Denegation of service In order to evaluate the previously proposed method in a real scenario, we have defined a situation in a regular enterprise holding many information assets whose access is handled using access control systems. This scenario is composed by a risk analysis module, a resource store, a counter-measures module and an access control policies engine, as represented in Fig.…”

Dynamic counter-measures for risk-based access control systems: An evolutive approach

“…3 Attestation techniques Information Unauthorized access, Information loss scc 4 Repudiation mechanisms Information Manipulation of info, Information loss scc 5 Isolation means Software System failure, Malicious code scc 6 Input validation strategies Software Malicious code, Denegation of service scc 7 Settings change management strategies Software Malicious code, Privileges escalation scc 8 Versions management strategies Information Manipulation of information, Malicious code scc 9 Monitoring strategies Software Privileges escalation, System failure, Unauthorized access, Malicious code, Denegation of service scc 10 Software execution schemas Software System failure, Malicious code scc 11 Session time assignment Software Privileges escalation, Unauthorized access, Malicious code scc 12 Resource exposure Information Unauthorized access, Eavesdropping scc 13 Alert mechanisms Software, Information Unauthorized access, Eavesdropping, Manipulation of information, Information loss, Denegation of service, Malicious code, Privileges escalation, System failure scc 14 User advertising strategies Software, Information Manipulation of Information, Information loss, Unauthorized access scc 15 Routing mechanisms Information Eavesdropping, Denegation of service scc 16 Backup strategies Information Manipulation of information, Information loss, Denegation of service In order to evaluate the previously proposed method in a real scenario, we have defined a situation in a regular enterprise holding many information assets whose access is handled using access control systems. This scenario is composed by a risk analysis module, a resource store, a counter-measures module and an access control policies engine, as represented in Fig.…”

Dynamic counter-measures for risk-based access control systems: An evolutive approach

Decentralized Semantic Threat Graphs

Building Next-Generation Converged Networks