|
31.
|
The Secondary and Approximate Authorization Model and its Application to BellLaPadula Policies
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2006-059]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov "The Secondary and Approximate Authorization Model and its Application to BellLaPadula Policies," Marina del Rey, Clifornia, USA, Computer Networks Division, Information Sciences Institute, the University of Southern California, 6 February, 2006, pp.35.:
Transfer from CDS 0.99.7:  PDF;
|
|
32.
|
Issues in the Security Architecture of the Computerized Patient Record Enterprise
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2006-058]
We discuss issues in CPR enterprise security architecture. [...]
Published in Konstantin Beznosov "Issues in the Security Architecture of the Computerized Patient Record Enterprise," presented at the Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, 7 May, 1998, pp.11.:
Transfer from CDS 0.99.7: PDF;
|
|
33.
|
Towards Agile Security Assurance
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2006-057]
Agile development methods are promising to become the next generation replacing waterfall development. [...]
Published in Konstantin Beznosov "Towards Agile Security Assurance," presentation given at the Calgary Agile Methods User Group (CAMUG), Calgary, Alberta, Canada, University of Calgary, 3 October, 2006.:
Transfer from CDS 0.99.7: PDF;
|
|
34.
|
Usable Security: Quo Vadis?
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2006-056]
The presentation discusses the current state of HCISec and challanges for future research..
Published in Konstantin Beznosov "Usable Security: Quo Vadis?," presented at the USENIX Security panel on usability and security, Vancouver, BC, Canada, USENIX, 2 August, 2006, pp.9.:
Transfer from CDS 0.99.7: PDF;
|
|
35.
|
HOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration
/ Konstantin Beznosov ; Sid Fels ; Lee Iverson ; Brian Fisher
[LERSSE-PRESENTATION-2006-055]
While cryptography, access control, accountability, and other security technologies have received a great deal of attention, to our knowledge this is the first attempt to address systematically the interaction of security administrative models and technologies with usability within an organization [...]
Published in Konstantin Beznosov, Sid Fels, Lee Iverson, Brian Fisher, "HOT Admin: Human, Organization, and Technology Centred Improvement of the IT Security Administration," CIPS Vancouver Security SIG Meeting, Vancouver, 8 March, 2006, pp.35.:
Transfer from CDS 0.99.7: PDF;
|
|
36.
|
Analysis of Interdependencies between CITI and other Critical Infrastructures using RISKS Forum data
/ Hafiz Abdur Rahman ; Konstantin Beznosov
[LERSSE-PRESENTATION-2006-052]
* Objectives * Information Requirement for CITI Failure Analysis * Use of Public Domain Failure Reports * Existing Classification Methods * Our Method of Classification and Analysis * Results of our Analysis * Conclusions
Published in Hafiz Abdur Rahman and Konstantin Beznosov, "Analysis of Interdependencies between CITI and other Critical Infrastructures using RISKS Forum data," JIIRP Technical Meeting, University of British Columbia, ICICS, 27 January, 2006, pp.26. :
Transfer from CDS 0.99.7: PDF;
|
|
37.
|
Resource Access Decision Service for CORBA-based Distributed Systems
/ Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al
[LERSSE-PRESENTATION-2006-051]
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...]
Published in Barkley, "A Resource Access Decision Service for CORBA-based Distributed
Systems," presented at the Annual Computer Security Applications Conference
(ACSAC), Phoenix, Arizona, U.S.A., 10 December, 1999, pp.13. :
Transfer from CDS 0.99.7: PDF;
|
|
38.
|
Secondary and Approximate Authorization Model (SAAM) and its Application to Bell-LaPadula Policies
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2006-050]
The talk defines the secondary and approximate authorization model (SAAM) [...]
Published in Authorization Model (SAAM) and its Application to Bell-LaPadula Policies," Los
Angeles, Information Sciences Institute, 6 February, 2006, pp.35. :
Transfer from CDS 0.99.7: PDF;
|
|
39.
|
Usability of Security Administration vs. Usability of End-user Security
/ Mary Ellen Zurko ; Steve Chan ; Greg Conti ; Konstantin Beznosov
[LERSSE-PRESENTATION-2005-049]
Having recently received increasing attention, usable security is implicitly all about the end user who employs a computer system to accomplish security-unrelated business or personal goals [...]
Published in Mary Ellen Zurko, Steve Chan, Greg Conti, Konstantin Beznosov, "Usability of Security Administration vs. Usability of End-user Security," slides of the corresponding panel at the Symposium on Usable Privacy and Security (SOUPS), Pittsburgh, PA, USA, 8 July, 2005, pp.35.:
Transfer from CDS 0.99.7: PDF;
|
|
40.
|
Update on Security Domain Membership RFP Proposal
/ Konstantin Beznosov ; Tadashi Kaji
[LERSSE-PRESENTATION-2005-048]
Presentation explains structural design proposed by the SDMM proposal, as it was standing on December 2000..
Published in Konstantin Beznosov, Tadashi Kaji, "Update on Security Domain Membership RFP Proposal," presented to the OMG ORB/OS PTF, OMG docuement orbos/00-12-07, 12 December, 2000, pp.23. :
Transfer from CDS 0.99.7: PDF;
|
guest ::
RSS feed.