101.
|
A Resource Access Decision Service for CORBA-based Distributed Systems
/ Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al
[LERSSE-RefJnlPaper-2005-001]
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...]
Published in Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 6-10 December, 1999, pp.310-319.:
Transfer from CDS 0.99.7: PDF;
|
102.
|
A Framework for Implementing Role-based Access Control Using CORBA Security Service
/ Konstantin Beznosov ; Yi Deng
[LERSSE-RefConfPaper-2005-002]
The paper shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...]
Published in Konstantin Beznosov, Yi Deng, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," in Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, October, 1999, pp.19-30.:
Transfer from CDS 0.99.7: PDF;
|
103.
|
Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services
/ Konstantin Beznosov
[TEST-RefConfPaper-2005-001]
This report reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services [...]
Published in Konstantin Beznosov, "Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services," in Proceedings of the Eighth International SIGSOFT Symposium on Component-based Software Engineering (CBSE), St. Louis, Missouri, USA, SIGSOFT, 15-21 May, 2005, pp.337-352.:
Transfer from CDS 0.99.7: PDF;
|
104.
|
On the Benefits of Decomposing Policy Engines into Components
/ Konstantin Beznosov
[TEST-ARTICLE-2005-004]
In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. [...]
Published in Konstantin Beznosov. Flooding and recycling authorizations. In Proceedings of the New
Security Paradigms Workshop (NSPW’05), pages 67–72, Lake Arrowhead, CA, USA, 20-23
September 2005. ACM Press.
:
Transfer from CDS 0.99.7: PDF;
|
105.
|
Flooding and Recycling Authorizations
/ Konstantin Beznosov
[TEST-ARTICLE-2005-003]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, "Flooding and Recycling Authorizations", in Proceedings of New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, ACM, 20-23 September, 2005, pp.67-72.:
Transfer from CDS 0.99.7: PDF;
|