|
11.
|
Authorization Using the Publish-Subscribe Model
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-PRESENTATION-2009-080]
Traditional authorization mechanisms based on the request-response model are generally supported by point-to-point communication between applications and authorization servers. [...]
Published in Qei Wei, Konstantin Beznosov, and Matei Ripeanu, “Authorization Using Publish/Subscribe Models,” In Proceedings of the 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA'08), 10-12 December, 2008, Sydney, Australia. IEEE Computer Society, pp.53-62.:
Transfer from CDS 0.99.7:  PDF;
|
|
12.
|
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-PRESENTATION-2009-079]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu, “Authorization Recycling in RBAC Systems,” in the Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT’08), Estes Park, Colorado, 11-13 June, 2008, pp.63-72.:
Transfer from CDS 0.99.7: PDF;
|
|
13.
|
Revealing Hidden Context: Improving Users' Mental Models of Personal Firewalls
/ Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-PRESENTATION-2009-078]
Windows Vista’s personal firewall provides its diverse users with a basic interface that hides many operational details. [...]
Published in Talk given at Symposium On Usable Privacy and Security (SOUPS), July 2009, at Google in Mountain View, California, US.:
Transfer from CDS 0.99.7: PDF;
|
|
14.
|
User Centered Design of ITSM Tools
/ Pooya Jaferian
[LERSSE-PRESENTATION-2009-077]
IT Security Management (ITSM) requires collaboration between diverse stakeholders, has an environment of numerous technological and business specializations (is complex), has many issues that need to be handled with discretion, is fast paced, uncertain, requires reliance of practitioners on tacit knowledge, and there is lack of immediate feedback when imposing a change on the system. [...]
Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada.:
Transfer from CDS 0.99.7: PDF;
|
|
15.
|
Revealing Hidden Context: Improving Mental Models of Personal Firewall Users
/ Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-PRESENTATION-2009-076]
The Windows Vista personal firewall provides its diverse users with a basic interface that hides many operational details. [...]
Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada.:
Transfer from CDS 0.99.7: PDF;
|
|
16.
|
Towards Web 2.0 Content Sharing Beyond Walled Gardens
/ San-Tsai Sun ; Konstantin Beznosov
[LERSSE-PRESENTATION-2009-075]
Web 2.0 users need usable mechanisms for sharing their content with each other in a controlled manner across boundaries of content-hosting or application-service providers (CSPs). [...]
Published in Talk given at NSERC ISSNet Workshop 2009, Carleton University, Ottawa, Canada:
Transfer from CDS 0.99.7: PPT;
|
|
17.
|
Toward Improving Availability and Performance of Enterprise Authorization Services
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2009-001]
In currently deployed large enterprise systems, policy enforcement points (PDPs) are commonly implemented as logically centralized authorization servers [...]
Published in Talk given at the Faculty of Computer Science, Technical University of Dortmund.:
Transfer from CDS 0.99.7: PDF;
|
|
18.
|
Management of IT Security in Organizations: What Makes It Hard?
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-073]
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after security breaches. [...]
Published in Konstantin Beznosov, “Management of IT Security in Organizations: What Makes It Hard?” talk given at the SAP Research, Campus-based Engineering Center, Karlsruhe, Germany, 08 July 2008.:
Transfer from CDS 0.99.7: PDF;
|
|
19.
|
Why (Managing) IT Security is Hard and Some Ideas for Making It Easier
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-072]
The way security mechanisms for distributed applications are engineered today has a number of serious drawbacks. [...]
Published in Konstantin Beznosov, “Why (Managing) IT Security is Hard and Some Ideas for Making It Easier” talk given at the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, 2 June 2008.:
Transfer from CDS 0.99.7: PDF;
|
|
20.
|
The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-071]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, “The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies” talk given at the Computer Science Department, IBM Research Laboratory, Rüeschlikon, Switzerland, 5 June 2008.:
Transfer from CDS 0.99.7: PDF;
|
guest ::
RSS feed.