38.
|
Design and Implementation of Resource Access Decision Server
/ Luis Espinal ; Konstantin Beznosov ; Yi Deng
[LERSSE-REPORT-2005-009]
Decoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. [...]
Published in Luis Espinal, Konstantin Beznosov, Yi. Deng, "Design and Implementation of Resource Access Decision Server," Center for Advanced Distributed Systems Engineering (CADSE). Florida International University, technical report #2000-01, pp.18: (21 January, 2000)
Transfer from CDS 0.99.7: PDF;
|
39.
|
Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-013]
Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. [...]
Published in Konstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003. :
Transfer from CDS 0.99.7: PDF;
|
40.
|
Architectural Separation of Authorization and Application Logic in Distributed Systems
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-010]
Security is an essential feature and foremost concern to enterprise software systems [...]
Published in Konstantin Beznosov, "Architectural Separation of Authorization and Application Logic in Distributed Systems," talk given at several organizations, see abstract for details, April--May, 2000. :
Transfer from CDS 0.99.7: PDF;
|
41.
|
Applying Aspect-Orientation in Designing Security Systems: A Case Study
/ Shu Gao ; Yi Deng ; Huiqun Yu ; Xudong He ; et al
[LERSSE-RefConfPaper-2005-003]
As a security policy model evolves, the design of security systems using that model could become increasingly complicated [...]
Published in Shu Gao, Yi Deng, Huiqun Yu, Xudong He, Konstantin Beznosov, Kendra Cooper, "Applying Aspect-Orientation in Designing Security Systems: A Case Study," in Proceedings of The Sixteenth International Conference on Software Engineering and Knowledge Engineering (SEKE 04), Banff, Alberta, Canada, June 20-24, 2004, pp.360-365.:
Transfer from CDS 0.99.7: PDF;
|
42.
|
Access Control Architectures: COM+ vs. EJB
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-008]
This tutorial provides an overview of access control mechanisms in two most popular commercial middleware technologies, COM+ and EJB. [...]
Published in Konstantin Beznosov, "Access Control Architectures: COM+ vs. EJB," tutorial has been given at the JavaPolis, Antwerpen, Belgium, 16 December, 2004. :
Transfer from CDS 0.99.7: PDF;
|
43.
|
Access Control
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-007]
Learning objectives: Comprehend the principles behind access control mechanisms used in today\\\\\\\'s: * operating systems, * middleware, * virtual machines. [...]
Published in Konstantin Beznosov, "Access Control," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 28 February, 2005, pp.46. :
Transfer from CDS 0.99.7: PDF;
|
44.
|
A Resource Access Decision Service for CORBA-based Distributed Systems
/ Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al
[LERSSE-RefJnlPaper-2005-001]
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...]
Published in Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 6-10 December, 1999, pp.310-319.:
Transfer from CDS 0.99.7: PDF;
|
45.
|
A Framework for Implementing Role-based Access Control Using CORBA Security Service
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-005]
The presentation shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...]
Published in Konstantin Beznosov, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," presentation given at CADSE, Miami, FL, USA, Center for Advanced Distributed Systems Engineering (CADSE), School of Computer Science (SCS), Florida International University (FIU), 14, 21 May, 1999, pp.53. :
Transfer from CDS 0.99.7: PDF;
|
46.
|
A Design of An Authorization Service
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-003]
Outline: • CORBA security model • What CORBA Access Model does[ not] Cover • Healthcare Resource Access Control (H-RAC) high level view • Authorization Service framework design details
Published in Konstantin Beznosov, "A Design of An Authorization Service," presentation given at CADSE, Miami, FL, USA, SCS, FIU, 12 February, 1999, pp.16. :
Transfer from CDS 0.99.7: PDF;
|
47.
|
Flooding and Recycling Authorizations
/ Konstantin Beznosov
[TEST-ARTICLE-2005-003]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, "Flooding and Recycling Authorizations", in Proceedings of New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, ACM, 20-23 September, 2005, pp.67-72.:
Transfer from CDS 0.99.7: PDF;
|