enter search term and/or author name
Comparing Vulnerability Severity and Exploits Using Case-Control Studies
Luca Allodi, Fabio Massacci
Article No.: 1
(U.S.) Rule-based policies for mitigating software risk suggest using the CVSS score to measure the risk of an individual vulnerability and act accordingly. A key issue is whether the ‘danger’ score does actually match the risk of...
Rumpole: An Introspective Break-Glass Access Control Language
Srdjan Marinovic, Naranker Dulay, Morris Sloman
Article No.: 2
Access control policies define what resources can be accessed by which subjects and under which conditions. It is, however, often not possible to anticipate all subjects that should be permitted access and the conditions under which they should be...
A Framework for Expressing and Enforcing Purpose-Based Privacy Policies
Mohammad Jafari, Reihaneh Safavi-Naini, Philip W. L. Fong, Ken Barker
Article No.: 3
Purpose is a key concept in privacy policies. Although some models have been proposed for enforcing purpose-based privacy policies, little has been done in defining formal semantics for purpose, and therefore an effective enforcement...
Users often wish to communicate anonymously on the Internet, for example, in group discussion or instant messaging forums. Existing solutions are vulnerable to misbehaving users, however, who may abuse their anonymity to disrupt communication....