Publications catalogue - books
Trust, Privacy and Security in Digital Business: 4th International Conference, TrustBus 2007, Regensburg, Germany, September 3-7, 2007. Proceedings
Costas Lambrinoudakis ; Günther Pernul ; A Min Tjoa (eds.)
In conference: 4th International Conference on Trust, Privacy and Security in Digital Business (TrustBus). Regensburg, Germany. September 3, 2007 - September 7, 2007
Abstract/Description – provided by the publisher
Not available.
Keywords – provided by the publisher
Computers and Society; Management of Computing and Information Systems; Data Encryption; Computer Communication Networks; Systems and Data Security; IT in Business
Availability
Detected institution | Year of publication | Browse | Download | Request |
---|---|---|---|---|
Not detected | 2007 | SpringerLink | | |
Information
Resource type:
books
Print ISBN
978-3-540-74408-5
Electronic ISBN
978-3-540-74409-2
Publisher
Springer Nature
Country of publication
United Kingdom
Publication date
2007
Publication rights information
© Springer-Verlag Berlin Heidelberg 2007
Subject coverage
Table of contents
Usage Control in Service-Oriented Architectures
Alexander Pretschner; Fabio Massacci; Manuel Hilty
Usage control governs the handling of sensitive data after it has been given away. The enforcement of usage control requirements is a challenge because the service requester in general has no control over the service provider’s information processing devices. We analyze applicable trust models, conclude that observation-based enforcement is often more appropriate than enforcement by direct control over the service provider’s actions, and present a logical architecture that blends both forms of enforcement with the business logics of service-oriented architectures.
- Session 3: Identity Management and Usage Control | Pp. 83-93
On Device-Based Identity Management in Enterprises
Marco Casassa Mont; Boris Balacheff
This paper focuses on the management of device-based identities within enterprises. This is a key requirement in enterprises where the identities of devices have become as important as the identities of humans (users) to grant access to enterprise resources. In this context, access control systems need to understand which devices are being used to access resources, by whom and in which contexts. Trust in managed devices’ identities is an important first step to enable this. Most related commercial solutions are deployed at the network level. Instead, we focus at the application/service level to leverage current enterprise identity management solutions, used to manage users’ identities. We investigate requirements and related issues. We introduce an initial approach and describe our related solution. A working prototype (proof-of-concept) has been fully implemented by extending HP OpenView Identity Management solutions and using trusted computing-enabled devices. This is work in progress: we aim at setting the context and discussing our current status and next steps.
- Session 3: Identity Management and Usage Control | Pp. 94-103
Analysis-Level Classes from Secure Business Processes Through Model Transformations
Alfonso Rodríguez; Eduardo Fernández-Medina; Mario Piattini
Nowadays, business processes (BP) are important in the maintenance of competitiveness within enterprises. Moreover, security is a crucial issue in business performance. In the last few years, the languages used for BP representation have been improved and new notations have appeared. Proposals for security requirement specifications at this high level of abstraction have also appeared. Nevertheless, these models have not been transformed into concrete models that can be used in a software development process. In our proposal, we will obtain analysis-level classes from a business process specification in which security requirements are included. Model transformations are within the scope of MDA and they are specified by using the QVT standard. Finally, we shall apply this approach to a typical health-care business process.
- Session 3: Identity Management and Usage Control | Pp. 104-114
A Trust and Context Aware Access Control Model for Web Services Conversations
Marijke Coetzee; J. H. P. Eloff
The design of effective access control models, to meet the unique challenges posed by the web services paradigm, is a current research focus. Despite recent advances in this field, solutions are generally limited to controlling access to single operations of request-response nature. To ensure that a service is used appropriately, message exchanges can be grouped into conversations consisting of related messages that are governed by sequence constraints. Towards addressing the security of message exchanges, this paper describes an access control model for web services conversations. A trust and context aware access control model is presented that promotes the seamless execution of operations contained by web services conversations.
- Session 4: Authentication and Access Control | Pp. 115-124
Design and Implementation of Distributed Access Control Infrastructures for Federations of Autonomous Domains
Petros Belsis; Stefanos Gritzalis; Christos Skourlas; Vassillis Tsoukalas
Federations of autonomous domains allow resource sharing in a highly dynamic manner, improving organizational response times and facilitating cooperation between different information systems. To accomplish this, it is essential to provide a scalable and flexible mechanism that allows security management and acts at application level independently of operating system or platform. In this paper we present a scalable solution that enables interoperation between different systems participating in a dynamic federation, while it also allows the participating systems to retain their autonomy; we present the software architecture of this distributed access control enforcement mechanism and describe our implementation choices.
- Session 4: Authentication and Access Control | Pp. 125-134
On Device Authentication in Wireless Networks: Present Issues and Future Challenges
Georgios Kambourakis; Stefanos Gritzalis
Whilst device authentication must be considered as a cardinal security issue, complementary and of equal importance to user authentication, in today’s wireless networks, only a few papers address it patchily. This paper identifies and analyses possible major solutions towards solving the device authentication problem. We discuss key issues and future challenges that characterize each solution examining its pros and cons. We also offer a short qualitative comparative analysis for the device authentication schemes in question, examining its applicability for both infrastructure and ad-hoc deployments.
- Session 4: Authentication and Access Control | Pp. 135-144
The Meaning of Logs
Sandro Etalle; Fabio Massacci; Artsiom Yautsiukhin
While logging events is becoming increasingly common in computing, in communication and in collaborative environments, log systems need to satisfy increasingly challenging (if not conflicting) requirements. In this paper we propose a high-level framework for modeling log systems, and reasoning about them. This framework allows one to give a high-level representation of a log system and to check whether it satisfies given audit and privacy properties which in turn can be expressed in standard logic. In particular, the framework can be used for comparing and assessing log systems. We validate our proposal by formalizing a number of standard log properties and by using it to review a number of existing systems. Despite the growing pervasiveness of log systems, we believe this is the first framework of this sort.
- Session 5: Compliance and User Privacy | Pp. 145-154
Data Protection and Privacy Laws in the Light of RFID and Emerging Technologies
Gerald Quirchmayr; Christopher C. Wills
This paper investigates the effect of new technologies and new systems on data protection and privacy. It attempts to give an overview of the major issues resulting from the introduction of new systems, mainly those based on RFID and ubiquitous/pervasive computing technology and discusses the consequences of increased efficiency and improved security in relation to privacy protection. Most of the legally-oriented analysis carried out in this paper is primarily grounded in the current European data and privacy protection legislation.
- Session 5: Compliance and User Privacy | Pp. 155-164
Consistency of User Attribute in Federated Systems
Quan Pham; Adrian McCullagh; Ed Dawson
In a federated system, it is not uncommon for a user profile registered to a particular system to contain enough attributes to request services from that system. Other attributes may be missing from that profile when services are requested from another system. The problem is that currently, when a change in user attributes happens, it is very difficult for the federation to incorporate the changes in order to resolve the conflict of attributes and maintain the consistency of attributes of users between different systems. Currently ready-for-deploy systems such as Liberty Alliance, Microsoft Windows CardSpace (formerly InfoCard) and Shibboleth do not address this issue efficiently. In general, consistency issues of user attributes in federated system via a 2-dimensional view: consistency between member systems (horizontal consistency) and consistency between federation and local system (vertical consistency). In this paper, we discuss the issue of horizontal consistency to achieve better interoperability and fine-granularity for access control decisions in a federated system by analysing the two approaches to achieve the consistency of user attributes: attribute synchronisation and delegation.
- Session 5: Compliance and User Privacy | Pp. 165-177
Pre-execution Security Policy Assessment of Remotely Defined BPEL-Based Grid Processes
Klaus-Peter Fischer; Udo Bleimann; Steven Furnell
In this paper results from research on security policy enforcement for cross-domain defined business processes specified in BPEL are transferred to the field of Grid computing, where BPEL is used to define Grid processes. In order to facilitate the assessment of remotely defined BPEL-based Grid processes for compliance with security policies prior to execution, a method for specifying security policies with respect to security-relevant semantic patterns in BPEL is applied. The paper shows the extent to which transfer of the former results was successful and indicates limitations and areas of further research. Where the situation is similar to cooperative business processes, such as in forming dynamic virtual organizations using Grid technology, the results turned out to be transferable with minor modifications, whereas for a transfer to the Grid context in general further investigation is required (in particular with respect to formal specification of security-relevant semantics of Grid services).
- Session 6: Policy Management | Pp. 178-189