A Declarative Framework for Specifying and Enforcing Purpose-aware Policies

Purpose is crucial for privacy protection as it makes users confident that their personal data are processed as intended. Available proposals for the specification and enforcement of purpose-aware policies are unsatisfactory for their ambiguous semantics of purposes and/or lack of support to the run-time enforcement of policies. In this paper, we propose a declarative framework based on a first-order temporal logic that allows us to give a precise semantics to purpose-aware policies and to reuse algorithms for the design of a run-time monitor enforcing purpose-aware policies. We also show the complexity of the generation and use of the monitor which, to the best of our knowledge, is the first such a result in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International Workshop on Security and Trust Management (STM 2015

Cloud Computing Integrated Multi-Factor Authentication Framework Application in Logistics Information Systems

 As new technology enables firms to perform many daily processes easier the need of authentication and authorization process is becoming an integral part of many businesses. Also mobile applications are very popular nowadays play an important role in our lives. Such demands are not only limited to Logistics Information Systems (LIS) but many field of information system as well. In this study multi-dimensional authentication which consist of online biometric face detection integrated as cloud computing software as a Service (SaaS), Near Field Communication (NFC) card authentication, location confirmation, and temporal data confirmation are gathered together to fulfill different scenarios of authentication needs of business. Microsoft Face API (Application Program Interface, SAAS (software as a service) has been used in face recognition module of developed mobile application. The face recognition module of the mobile application has been tested with Yale Face Database. Location, temporal data and NFC card information are collected and confirmed by the mobile application for authentication and authorization. These images were tested with our facial recognition module and confusion matrices were created. The accuracy of the system after the facial recognition test was found to be 100%. NFC card, location and temporal data authentication not only further increases security level but also fulfils many business authentication scenarios successfully. To the best of our knowledge there is no other authentication model other than implemented one that has a-4-factor confirmation including biometric face identification, NFC card authentication, location confirmation and temporal data confirmation.

Expressive Policy Analysis with Enhanced System Dynamicity

Despite several research studies, the effective analysis of policy based systems remains a significant challenge. Policy analysis should at least (i) be expressive (ii) take account of obligations and authorizations, (iii) include a dynamic system model, and (iv) give useful diagnostic information. We present a logic-based policy analysis framework which satisfies these requirements, showing how many significant policy-related properties can be analysed, and we give details of a prototype implementation. Copyright 2009 ACM