1,116 research outputs found
Subterfuge-safe trust management for delegation of permissions in open environments
Open environments involve distributed entities interacting with each other in an open manner. Many distributed entities are unknown to each other but need to collaborate and share resources in a secure fashion. Usually resource owners alone decide who is trusted to access their resources. Since resource owners in open environments do not have a complete picture of all trusted entities, trust management frameworks are used to ensure that only authorized entities will access requested resources. Every trust management system has limitations, and the limitations can be exploited by malicious entities. One vulnerability is due to the lack of globally unique interpretation for permission specifications. This limitation means that a malicious entity which receives a permission in one domain may misuse the permission in another domain via some deceptive but apparently authorized route; this malicious behaviour is called subterfuge. This thesis develops a secure approach, Subterfuge Safe Trust Management (SSTM), that prevents subterfuge by malicious entities. SSTM employs the Subterfuge Safe Authorization Language (SSAL) which uses the idea of a local permission with a globally unique interpretation (localPermission) to resolve the misinterpretation of permissions. We model and implement SSAL with an ontology-based approach, SSALO, which provides a generic representation for knowledge related to the SSAL-based security policy. SSALO enables integration of heterogeneous security policies which is useful for secure cooperation among principals in open environments where each principal may have a different security policy with different implementation. The other advantage of an ontology-based approach is the Open World Assumption, whereby reasoning over an existing security policy is easily extended to include further security policies that might be discovered in an open distributed environment. We add two extra SSAL rules to support dynamic coalition formation and secure cooperation among coalitions. Secure federation of cloud computing platforms and secure federation of XMPP servers are presented as case studies of SSTM. The results show that SSTM provides robust accountability for the use of permissions in federation. It is also shown that SSAL is a suitable policy language to express the subterfuge-safe policy statements due to its well-defined semantics, ease of use, and integrability
Proceedings of the 3rd International Workshop on Formal Aspects in Security and Trust (FAST2005)
The present report contains the pre-proceedings of the third international Workshop on Formal Aspects in Security and Trust (FAST2005), held in Newcastle upon Tyne, 18-19 July 2005. FAST is an event affliated with the Formal Methods 2005 Congress (FM05). The third international Workshop on Formal Aspects in Security and Trust (FAST2005) aims at continuing the successful effort of the previous two FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. The new challenges offered by the so-called ambient intelligence space, as a future paradigm in the information society, demand for a coherent and rigorous framework of concepts, tools and methodologies to provide user\u27s trust&confidence on the underlying communication/interaction infrastructure. It is necessary to address issues relating to both guaranteeing security of the infrastructure and the perception of the infrastructure being secure. In addition, user confidence on what is happening must be enhanced by developing trust models effective but also easily comprehensible and manageable by users
Formal Aspects in Security and Trust
his book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005. The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies
The BJTC Media Law, Regulation & Ethics Handbook 2021
eBook providing an up-to-date and detailed guide to the media law, media regulation and professional ethics for journalists in the United Kingdom. Suitable for professionals working in media production, trainee journalists, undergraduate and postgraduate students enrolled on journalism module and programmes. The content contains many hundreds of direct links to case histories and online resources and also includes chapters contextualising key media law themes such as Open Justice, Media Law and Racial Justice and the media law of the USA
James Michael Curley Scrapbooks Volume 72
The James Michael Curley Scrapbook Collection consists of digitized microfilmed copies of notebooks kept by Curley from 1914-1937. These notebooks contain news clippings that were drawn primarily from Boston newspapers. Curley was born in Roxbury, MA in 1874. He served four terms as Mayor of Boston: 1914–1918, 1922–1926, 1930–1934 and 1946–1950. He also served as Governor of Massachusetts from 1935-1937. In addition to Curley’s political career, the scrapbooks also include clippings about his first wife Mrs. Mary Herlihy Curley (1884-1930) and their daughter Mary D. Curley (1909-1950). A selection of the notebooks were microfilmed in 1962. The microfilm can be found in the holdings of Dinand Library, Holy Cross’s main library.
This volume includes clippings from 1932.https://crossworks.holycross.edu/curley_scrapbooks/1103/thumbnail.jp
- …