An OWL-based XACML policy framework

We present an XACML policy framework implementation using OWL and reasoning technologies. Reasoning allows to easily generate policy decisions in complex environments for expressive policies, while satisfying the requirements of reliability and consistency for the framework. Furthermore, OWL ontologies represent a valid substratum for tackling advanced complex tasks, as Policy Harmonization and Explanation, with a complete rationale

On the Notion of Redundancy in Access Control Policies

The evolution of information systems sees an increasing need of flexible and sophisticated approaches for the automated detection of anomalies in security policies. One of these anomalies is redundancy, which may increase the total cost of management of the policies and may reduce the performance of access control mechanisms and of other anomaly detection techniques. We consider three approaches that can remove redundancy from access control policies, progressively reducing the number of authorizations in the policy itself. We show that several problems associated with redundancy are NP-hard. We propose exact solutions to two of these problems, namely the Minimum Policy Problem, which consists in computing the minimum policy that represents the behaviour of the system, and the Minimum Irreducible Policy Problem, consisting in computing the redundancy-free version of a policy with the smallest number of authorizations. Furthermore we propose heuristic solutions to those problems. We also present a comparison between the exact and heuristics solutions based on experiments that use policies derived from bibliographical databases

A Model-Driven Approach for Securing Software Architectures

Current IT systems consist usually of several components and services that communicate and exchange data over the Internet. They have security requirements that aim at avoiding information disclosure and at showing compliance with government regulations. In order to effectively handle the security management of complex IT systems, techniques are needed to help the security administrator in the design and configuration of the security architecture. We propose a model-driven security approach for the design and generation of concrete security configurations for software architectures. In our approach the system architect models the architecture of the system by means of UML class diagrams, and then the security administrator adds security requirements to the model by means of Security4UML, a UML profile. From the model enriched with security requirements, the concrete security configuration is derived in a semi-automated way. We present a tool that supports this model-driven approach, and a case study that involves a distributed multi-user meeting scheduler application

SARS‐CoV‐2 infection and venous thromboembolism after surgery: an international prospective cohort study

SARS-CoV-2 has been associated with an increased rate of venous thromboembolism in critically ill patients. Since surgical patients are already at higher risk of venous thromboembolism than general populations, this study aimed to determine if patients with peri-operative or prior SARS-CoV-2 were at further increased risk of venous thromboembolism. We conducted a planned sub-study and analysis from an international, multicentre, prospective cohort study of elective and emergency patients undergoing surgery during October 2020. Patients from all surgical specialties were included. The primary outcome measure was venous thromboembolism (pulmonary embolism or deep vein thrombosis) within 30 days of surgery. SARS-CoV-2 diagnosis was defined as peri-operative (7 days before to 30 days after surgery); recent (1-6 weeks before surgery); previous (>= 7 weeks before surgery); or none. Information on prophylaxis regimens or pre-operative anti-coagulation for baseline comorbidities was not available. Postoperative venous thromboembolism rate was 0.5% (666/123,591) in patients without SARS-CoV-2; 2.2% (50/2317) in patients with peri-operative SARS-CoV-2; 1.6% (15/953) in patients with recent SARS-CoV-2; and 1.0% (11/1148) in patients with previous SARS-CoV-2. After adjustment for confounding factors, patients with peri-operative (adjusted odds ratio 1.5 (95%CI 1.1-2.0)) and recent SARS-CoV-2 (1.9 (95%CI 1.2-3.3)) remained at higher risk of venous thromboembolism, with a borderline finding in previous SARS-CoV-2 (1.7 (95%CI 0.9-3.0)). Overall, venous thromboembolism was independently associated with 30-day mortality (5.4 (95%CI 4.3-6.7)). In patients with SARS-CoV-2, mortality without venous thromboembolism was 7.4% (319/4342) and with venous thromboembolism was 40.8% (31/76). Patients undergoing surgery with peri-operative or recent SARS-CoV-2 appear to be at increased risk of postoperative venous thromboembolism compared with patients with no history of SARS-CoV-2 infection. Optimal venous thromboembolism prophylaxis and treatment are unknown in this cohort of patients, and these data should be interpreted accordingly