On the Security of Delegation in Access Control Systems

Abstract. Delegation is a mechanism that allows a user A to act on another user B’s behalf by making B’s access rights available to A. It is well recognized as an important mechanism to provide resiliency and flexibility in access control systems, and has gained popularity in the research community. However, most existing literature focuses on modeling and managing delegations. Little work has been done on understanding the impact of delegation on the security of existing access control systems. In particular, no formal notion of security with respect to delegation has been proposed. Many existing access control systems are designed without having delegation in mind. Simply incorporating a delegation module into those systems may cause security breaches. This paper focuses on the security aspect of delegation in access control systems. We first give examples on how colluding users may abuse the delegation sup-port of access control systems to circumvent security policies, such as separation of duty. As a major contribution, we propose a formal notion of security with respect to delegation in access control systems. After that, we discuss potential mechanisms to enforce security. In particular, we design a novel source-based en-forcement mechanism for workflow authorization systems so as to achieve both security and efficiency.

On the Formal Analysis of a Spatio-Temporal Role-Based Access Control Model

Abstract. With the growing use of wireless networks and mobile devices, we are moving towards an era where spatial and temporal information will be necessary for access control. The use of such information can be used for enhancing the security of an application, and it can also be exploited to launch attacks. For critical applications, a model for spatio-temporal-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited to cause harm. Consequently, researchers have proposed various spatio-temporal access control models that are useful in pervasive computing applications. Such models typically have numerous different features to support the various application requirements. The different features of a spatiotemporal access control model may interact in subtle ways resulting in conflicts. We illustrate how the access control model can be formally analyzed to detect the presence of conflicts. We use Alloy, a formal language based on first-order logic, for the purpose of our analysis. Alloy is supported by a software infrastructure that allows automated analysis of models and has been used to verify industrial applications. The results obtained by analyzing the spatio-temporal access control model will enable the users of the model to make informed decisions.

Multiple spots of photodynamic therapy for the treatment of severe chronic central serous chorioretinopathy

George D Tsakonas, Athanasios I Kotsolis, Chrysanthi Koutsandrea, Ilias Georgalas, Dimitrios Papakonstantinou, Ioannis D LadasFirst Department of Ophthalmology, Medical School of Athens University, Athens, GreecePurpose: To evaluate the efficacy and safety of fluorescein angiography (FA)-guided photodynamic therapy (PDT) for the treatment of severe chronic central serous chorioretinopathy (CSC).Methods: Patients presenting with chronic CSC with multiple areas of retinal pigment epithelium decompensation, with or without focal leaks, were treated with FA-guided full-fluence PDT. Best-corrected visual acuity (BCVA), optical coherence tomography (OCT), FA, indocyanine green angiography, and fundus autofluorescence were used to determine functional and anatomic outcomes.Results: Twenty-one eyes (17 patients) were treated with PDT and followed for a median of 24 months (range, 12–73). In fourteen eyes (66.66%), two PDT spots were performed within the same session. In three eyes (14.28%), three PDT spots were performed, in two eyes (9.52%) four spots, and in two eyes (9.52%) five spots. In 17 eyes (80.95%), the leakage in FA and the subretinal fluid in OCT disappeared after only one session of PDT. In four eyes (19.05%), a second session – with only one spot – of PDT was required due to persistent or recurrent leakage and subfoveal SRF. Median BCVA improved significantly from 20/63 at baseline to 20/40 at 3 months (P = 0.0002) and 20/32 at 6 months (P < 0.0001), and remained improved until the last examination (20/25, P < 0.0001). Two patients complained of a transient central scotoma after the treatment.Conclusion: FA-guided full-fluence PDT with multiple PDT spots within the same session seems to be effective and safe for the treatment of chronic CSC cases with multiple areas of retinal pigment epithelium decompensation.Keywords: central serous chorioretinopathy, photodynamic therap