enter search term and/or author name
On mutually exclusive roles and separation-of-duty
Ninghui Li, Mahesh V. Tripunitara, Ziad Bizri
Article No.: 5
Separation-of-duty (SoD) is widely considered to be a fundamental principle in computer security. A static SoD (SSoD) policy states that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain...
Batch zero-knowledge proof and verification and its applications
Kun Peng, Colin Boyd, Ed Dawson
Article No.: 6
The batch verification technique of Bellare et al. is extended to verification of several frequently employed zero-knowledge proofs. The new techniques are correct, sound, efficient, and can be widely applied. Specific applications are discussed...
Specification and verification of security requirements in a programming model for decentralized CSCW systems
Tanvir Ahmed, Anand R. Tripathi
Article No.: 7
We present, in this paper, a role-based model for programming distributed CSCW systems. This model supports specification of dynamic security and coordination requirements in such systems. We also present here a model-checking methodology for...
We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however,...