On Properties of Policy-Based Specifications

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus become a crucial issue in the design of modern computing systems. Among the different access control approaches proposed in the last decades, the policy-based one permits to capture, by resorting to the concept of attribute, all systems' security-relevant information and to be, at the same time, sufficiently flexible and expressive to represent the other approaches. In this paper, we move a step further to understand the effectiveness of policy-based specifications by studying how they permit to enforce traditional security properties. To support system designers in developing and maintaining policy-based specifications, we formalise also some relevant properties regarding the structure of policies. By means of a case study from the banking domain, we present real instances of such properties and outline an approach towards their automatised verification.Comment: In Proceedings WWV 2015, arXiv:1508.0338

Policy inconsistency detection bassed on RBAC model in cross-organizational collaboration

Policy integration and conflict resolutions among various organizations still remain a major challenge.Moreover, policy inconsistency detection approach with logical reasoning techniques which considers integration requirements from collaboration parties has not been well studied.In this paper, we proposed a model to detect inconsistencies based on role-based access control (RBAC) that considers role hierarchy (RH) and temporal and spatial constraints.A model to prune and collect only the required policies based on access control requirements from different organizations is designed.Policy inconsistency detection should be enhanced with logical-based analysis in order to develop security policy integration.We believe this work could provide manner to filter a large amount of unrelated policies and only return potential collaboration policies for conflict resolution

Policy-driven Security Management for Gateway-Oriented Reconfigurable Ecosystems

abstract: With the increasing user demand for low latency, elastic provisioning of computing resources coupled with ubiquitous and on-demand access to real-time data, cloud computing has emerged as a popular computing paradigm to meet growing user demands. However, with the introduction and rising use of wear- able technology and evolving uses of smart-phones, the concept of Internet of Things (IoT) has become a prevailing notion in the currently growing technology industry. Cisco Inc. has projected a data creation of approximately 403 Zetabytes (ZB) by 2018. The combination of bringing benign devices and connecting them to the web has resulted in exploding service and data aggregation requirements, thus requiring a new and innovative computing platform. This platform should have the capability to provide robust real-time data analytics and resource provisioning to clients, such as IoT users, on-demand. Such a computation model would need to function at the edge-of-the-network, forming a bridge between the large cloud data centers and the distributed connected devices. This research expands on the notion of bringing computational power to the edge- of-the-network, and then integrating it with the cloud computing paradigm whilst providing services to diverse IoT-based applications. This expansion is achieved through the establishment of a new computing model that serves as a platform for IoT-based devices to communicate with services in real-time. We name this paradigm as Gateway-Oriented Reconfigurable Ecosystem (GORE) computing. Finally, this thesis proposes and discusses the development of a policy management framework for accommodating our proposed computational paradigm. The policy framework is designed to serve both the hosted applications and the GORE paradigm by enabling them to function more efficiently. The goal of the framework is to ensure uninterrupted communication and service delivery between users and their applications.Dissertation/ThesisMasters Thesis Computer Science 201

Privacy preference mechanisms in Personal Data Storage (PDS).

In this thesis, we study frameworks for managing user's privacy when disclosing personal data with third parties from Personal Data Storage (PDS). PDS is a secure digital space which allows individuals to collect, store, and give access to third parties. So, PDS has inaugurated a substantial change to the way people can store and control their personal data, by moving from a service-centric to a user-centric model. Up to now, most of the research on PDS has focused on how to enforce user privacy preferences and how to secure data stored into the PDS. In contrast, this thesis aims at designing a Privacy-aware Personal Data Storage (P-PDS), that is, a PDS able to automatically take privacy-aware decisions on third parties access requests in accordance with user preferences. This thesis first demonstrates that semi-supervised learning can be successfully exploited to make a PDS able to automatically decide whether an access request has to be authorized or not. Furthermore, we have revised our first contribution by defining strategies able to obtain good accuracy without requiring too much effort from the user in the training phase. At this aim, we exploit active learning with semi-supervised approach so as to improve the quality of the labeled training dataset. This ables to improve the performance of learning models to predict user privacy preferences correctly. Moreover, in the second part of the thesis we study how user's contextual information play a vital role in term of taking decision of whether to share personal data with third parties. As such, consider that a service provider may provide a request for entertainment service to PDS owner during his/her office hours. In such case, PDS owner may deny this service as he/she is in office. That implies individual would like to accept/deny access requests by considering his/her contextual information. Prior studies on PDS have not considered user's contextual information so far. Moreover, prior research has shown that user privacy preferences may vary based on his/her contextual information. To address this issue, this thesis also focuses to implement a contextual privacy-aware framework for PDS (CP-PDS) which exploits contextual information to build a learning classifier that can predict user privacy preferences under various contextual scenarios. We run several experiments on a realistic dataset and exploiting groups of evaluators. The obtained results show the effectiveness of the proposed approaches

A framework in support of emergency management for specified and unspecified emergencies.

missin

Usage Policies for Decentralised Information Processing

Owners impose usage restrictions on their information, which can be based e.g. on privacy laws, copyright law or social conventions. Often, information is processed in complex constellations without central control. In this work, we introduce technologies to formally express usage restrictions in a machine-interpretable way as so-called policies that enable the creation of decentralised systems that provide, consume and process distributed information in compliance with their usage restrictions

Tools and techniques for analysing the impact of information security

PhD ThesisThe discipline of information security is employed by organisations to protect the confidentiality, integrity and availability of information, often communicated in the form of information security policies. A policy expresses rules, constraints and procedures to guard against adversarial threats and reduce risk by instigating desired and secure behaviour of those people interacting with information legitimately. To keep aligned with a dynamic threat landscape, evolving business requirements, regulation updates, and new technologies a policy must undergo periodic review and change. Chief Information Security Officers (CISOs) are the main decision makers on information security policies within an organisation. Making informed policy modifications involves analysing and therefore predicting the impact of those changes on the success rate of business processes often expressed as workflows. Security brings an added burden to completing a workflow. Adding a new security constraint may reduce success rate or even eliminate it if a workflow is always forced to terminate early. This can increase the chances of employees bypassing or violating a security policy. Removing an existing security constraint may increase success rate but may may also increase the risk to security. A lack of suitably aimed impact analysis tools and methodologies for CISOs means impact analysis is currently a somewhat manual and ambiguous procedure. Analysis can be overwhelming, time consuming, error prone, and yield unclear results, especially when workflows are complex, have a large workforce, and diverse security requirements. This thesis considers the provision of tools and more formal techniques specific to CISOs to help them analyse the impact modifying a security policy has on the success rate of a workflow. More precisely, these tools and techniques have been designed to efficiently compare the impact between two versions of a security policy applied to the same workflow, one before, the other after a policy modification. This work focuses on two specific types of security impact analysis. The first is quantitative in nature, providing a measure of success rate for a security constrained workflow which must be executed by employees who may be absent at runtime. This work considers quantifying workflow resiliency which indicates a workflow’s expected success rate assuming the availability of employees to be probabilistic. New aspects of quantitative resiliency are introduced in the form of workflow metrics, and risk management techniques to manage workflows that must work with a resiliency below acceptable levels. Defining these risk management techniques has led to exploring the reduction of resiliency computation time and analysing resiliency in workflows with choice. The second area of focus is more qualitative, in terms of facilitating analysis of how people are likely to behave in response to security and how that behaviour can impact the success rate of a workflow at a task level. Large amounts of information from disparate sources exists on human behavioural factors in a security setting which can be aligned with security standards and structured within a single ontology to form a knowledge base. Consultations with two CISOs have been conducted, whose responses have driven the implementation of two new tools, one graphical, the other Web-oriented allowing CISOs and human factors experts to record and incorporate their knowledge directly within an ontology. The ontology can be used by CISOs to assess the potential impact of changes made to a security policy and help devise behavioural controls to manage that impact. The two consulted CISOs have also carried out an evaluation of the Web-oriented tool. vii