Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 10 Issue 2, May 2007

On mutually exclusive roles and separation-of-duty
Ninghui Li, Mahesh V. Tripunitara, Ziad Bizri
Article No.: 5
DOI: 10.1145/1237500.1237501

Separation-of-duty (SoD) is widely considered to be a fundamental principle in computer security. A static SoD (SSoD) policy states that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain...

Batch zero-knowledge proof and verification and its applications
Kun Peng, Colin Boyd, Ed Dawson
Article No.: 6
DOI: 10.1145/1237500.1237502

The batch verification technique of Bellare et al. is extended to verification of several frequently employed zero-knowledge proofs. The new techniques are correct, sound, efficient, and can be widely applied. Specific applications are discussed...

Specification and verification of security requirements in a programming model for decentralized CSCW systems
Tanvir Ahmed, Anand R. Tripathi
Article No.: 7
DOI: 10.1145/1237500.1237503

We present, in this paper, a role-based model for programming distributed CSCW systems. This model supports specification of dynamic security and coordination requirements in such systems. We also present here a model-checking methodology for...

Secure sessions for Web services
Karthikeyan Bhargavan, Ricardo Corin, Cédric Fournet, Andrew D. Gordon
Article No.: 8
DOI: 10.1145/1237500.1237504

We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however,...