Automated Certification of Authorisation Policy Resistance

Attribute-based Access Control (ABAC) extends traditional Access Control by considering an access request as a set of pairs attribute name-value, making it particularly useful in the context of open and distributed systems, where security relevant information can be collected from different sources. However, ABAC enables attribute hiding attacks, allowing an attacker to gain some access by withholding information. In this paper, we first introduce the notion of policy resistance to attribute hiding attacks. We then propose the tool ATRAP (Automatic Term Rewriting for Authorisation Policies), based on the recent formal ABAC language PTaCL, which first automatically searches for resistance counter-examples using Maude, and then automatically searches for an Isabelle proof of resistance. We illustrate our approach with two simple examples of policies and propose an evaluation of ATRAP performances.Comment: 20 pages, 4 figures, version including proofs of the paper that will be presented at ESORICS 201

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\em Shared} hosting, offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting -- containing 1,259 providers -- by gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10\% and 19\% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10\% to the best-performing 10\%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels--even higher in the stack, where CMSes can run as client-side software--and that this influence is tied to a substantial reduction in abuse levels

The imperfect hiding : some introductory concepts and preliminary issues on modularity

In this work we present a critical assessment of some problems and open questions on the debated notion of modularity. Modularity is greatly in fashion nowadays, being often proposed as the new approach to complex artefact production that enables to combine fast innovation pace, enhanced product variety and reduced need for co-ordination. In line with recent critical assessments of the managerial literature on modularity, we sustain that modularity is only one among several arrangements to cope with the complexity inherent in most high-technology artefact production, and by no means the best one. We first discuss relations between modularity and the broader (and much older within economics) notion of division of labour. Then we sustain that a modular approach to labour division aimed at eliminating technological interdependencies between components or phases of a complex production process may have, as a by-product, the creation of other types of interdependencies which may subsequently result in inefficiencies of various types. Hence, the choice of a modular design strategy implies the resolution of various tradeoffs. Depending on how such tradeoffs are solved, different organisational arrangements may be created to cope with ‘residual’ interdependencies. Hence, there is no need to postulate a perfect isomorphism, as some recent literature has proposed, between modularity at the product level and modularity at the organisational level

Neural Task Programming: Learning to Generalize Across Hierarchical Tasks

In this work, we propose a novel robot learning framework called Neural Task Programming (NTP), which bridges the idea of few-shot learning from demonstration and neural program induction. NTP takes as input a task specification (e.g., video demonstration of a task) and recursively decomposes it into finer sub-task specifications. These specifications are fed to a hierarchical neural program, where bottom-level programs are callable subroutines that interact with the environment. We validate our method in three robot manipulation tasks. NTP achieves strong generalization across sequential tasks that exhibit hierarchal and compositional structures. The experimental results show that NTP learns to generalize well to- wards unseen tasks with increasing lengths, variable topologies, and changing objectives.Comment: ICRA 201

XML Security in Certificate Management - XML Certificator

The trend of rapid growing use of XML format in data/document management system reveals that security measures should be urgently considered into next generation's data/document systems. This paper presents a new certificate management system developed on the basis of XML security mechanisms. The system is supported by the theories of XML security as well as Object oriented technology and database. Finally it has been successfully implemented in using C&#, SQL, XML signature and XML encryption. An implementation metrics is evidently presented