enter search term and/or author name
The session token protocol for forensics and traceback
Brian Carrier, Clay Shields
In this paper we present the Session Token Protocol (STOP), a new protocol that can assist in the forensic analysis of a computer involved in malicious network activity. It has been designed to help automate the process of tracing attackers who log...
Modular authorization and administration
Horst F. Wedde, Mario Lischka
In large organizations the administration of access privileges (such as the assignment of access rights to a user in a particular role) is handled cooperatively through distributed administrators in various different capacities. A quorum may be...
An integrated approach to engineer and enforce context constraints in RBAC environments
Mark Strembeck, Gustaf Neumann
We present an approach that uses special purpose role-based access control (RBAC) constraints to base certain access control decisions on context information. In our approach a context constraint is defined as a dynamic RBAC constraint that...
Content-triggered trust negotiation
Adam Hess, Jason Holt, Jared Jacobson, Kent E. Seamons
The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy...
On the performance of group key agreement protocols
Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, Gene Tsudik
Group key agreement is a fundamental building block for secure peer group communication systems. Several group key management techniques were proposed in the last decade, all assuming the existence of an underlying group communication infrastructure...