|
201.
|
Security Engineering for Large Scale Distributed Applications
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-040]
The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. [...]
Published in Konstantin Beznosov, "Security Engineering for Large Scale Distributed Applications," Talk given at the Department of Computer Science, Vrije University, Amsterdam, 17 December, 2004. :
Transfer from CDS 0.99.7:  PDF;
|
|
202.
|
Security Engineering for Large Scale Distributed Applications
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-039]
The way security mechanisms for large-scale distributed applications are engineered today has a number of serious drawbacks. [...]
Published in Konstantin Beznosov, "Security Engineering for Large Scale Distributed Applications," Talk given at severall organizations. See the abstract for details., 2003. :
Transfer from CDS 0.99.7: PDF;
|
|
203.
|
Resource Names for Resource Access Decision (Facility)
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-038]
Presentation given to the joint SecSIG/CORBAmed session on Resource Access Decision facility, as part of the presentation on the revised submission to the OMG Healthcare Resource Access Control RFP [...]
Published in Konstantin Beznosov, "Resource Names for Resource Access Decision (Facility)," presentation given to the joint SecSIG/CORBAmed, OMG, OMG doc # corbamed/99-03-11, 22 March, 1999, pp.18. :
Transfer from CDS 0.99.7: PDF;
|
|
204.
|
Resource Access Decision Server: Design and Performance Considerations
/ Konstantin Beznosov ; Luis Espinal
[LERSSE-PRESENTATION-2005-037]
Presentation on the design and the conducted performance measurements of RAD server prototype built at CADSE [...]
Published in Konstantin Beznosov, Luis Espinal, "Resource Access Decision Server: Design and Performance Considerations," presentation given at CADSE, Miami, FL, USA, CADSE, SCS, FIU, 22 October, 5 November, 1999, pp.25.:
Transfer from CDS 0.99.7: PDF;
|
|
205.
|
Resource Access Decision Facility: Overview
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-036]
Outline: • Why you need Resource Access Decision Facility • Main aspects of RAD specification design • Main design decisions made by RAD submission team
Published in Konstantin Beznosov, "Resource Access Decision Facility: Overview," presentation given at DOCsec Workshop, Baltimore, Maryland, USA, OMG, 15 July, 1999, pp.21.:
Transfer from CDS 0.99.7: PDF;
|
|
206.
|
Requirements for Access Control: US Healthcare Domain
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-035]
Roles are important factors in authorization rules. [...]
Published in Konstantin Beznosov, "Requirements for Access Control: US Healthcare Domain," panel presentation givent at the Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, October, 1998.:
Transfer from CDS 0.99.7: PDF;
|
|
207.
|
Requirements for Access Control: US Healthcare Domain
/ Konstantin Beznosov
[LERSSE-UnrefConfPaper-2005-003]
Roles are important factors in authorization rules. [...]
Published in Konstantin Beznosov, "Requirements for Access Control: US Healthcare Domain," in Proceedings of the Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, pp.43: (October, 1998)
Transfer from CDS 0.99.7: PDF;
|
|
208.
|
Recycling Authorizations: Toward Secondary and Approximate Authorizations Model (SAAM)
/ Konstantin Beznosov
[LERSSE-REPORT-2005-012]
In large and complex enterprises, obtaining authorizations could be communicationally and/or computationally expensive, and, due to infrastructure failures, some times even impossible. [...]
Published in Konstantin Beznosov, "Recycling Authorizations: Toward Secondary and Approximate Authorizations Model (SAAM)," LERSSE technical report, Department of Electrical and Computer Engineering, University of British Columbia, Vancouver, Canada, LERSSE-TR-2005-01, pp.15: (March, 2005)
Transfer from CDS 0.99.7: PDF;
|
|
209.
|
Preview: Mastering Web Services Security
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-034]
This presentation gives an overview of the upcoming book on Mastering Web Services Security that I co-authored with my colleagues at Quadrasis..
Published in Konstantin Beznosov, "Preview: Mastering Web Services Security," presentation given at Computer Science department, Zurich, Switzerland, IBM Research Laboratory, 16 September, 2002. :
Transfer from CDS 0.99.7: PDF;
|
|
210.
|
Performance Considerations for a CORBA-based Application Authorization Service
/ Konstantin Beznosov ; Luis Espinal ; Yi Deng
[LERSSE-RefConfPaper-2005-012]
Resource Access Decision (RAD) Service allows separation of authorization from application functionality in distributed application systems by providing a logically centralized authorization control mechanism. [...]
Published in Proceedings of IASTED International Conference
Software Engineering and Applications, Las Vegas, Nevada: (November, 2000)
Transfer from CDS 0.99.7: PDF;
|
|
211.
|
Overview of Reference Model of Open Distributed Processing (RM-ODP)
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-033]
Outline: - Why Languages for Enterprises? - Introduction - RM-ODP goal - What it de nes - Viewpoints - Modeling in RM-ODP - Languages - Analysis of RM-ODP - Summary - Additional Information
Published in Konstantin Beznosov, "Overview of Reference Model of Open Distributed Processing (RM-ODP)," presentation given at CADSE, Miami, FL, USA, School of Computer Science, FIU, 17 July, 1998, pp.25. :
Transfer from CDS 0.99.7: PDF;
|
|
212.
|
Overview of CORBA Security
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-032]
Outline: • Introduction into computer security • Security in OO systems • CORBA security model overview • Application access control in CORBA • Resource Access Decision Facility • Further Information
Published in Konstantin Beznosov, "Overview of CORBA Security," lecture given to he students of graduate class CEN6502, Topics in Concurrent and Distributed Systems, Miami, FL, USA, SCS, FIU, 8 March, 2000, pp.27.:
Transfer from CDS 0.99.7: PDF;
|
|
213.
|
On the Benefits of Decomposing Policy Engines into Components
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-031]
In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. [...]
Published in Konstantin Beznosov, "On the Benefits of Decomposing Policy Engines into Components," talk given at The 3rd Workshop on Reflective and Adaptive Middleware, Toronto, Canada, 19 October, 2004. :
Transfer from CDS 0.99.7: PDF;
|
|
214.
|
Official Requirements and Recommendations from Various Organizations on Security for Baptist Health Systems of South Florida
/ Konstantin Beznosov
[LERSSE-REPORT-2005-011]
This report describes recommendations and official requirements from various organizations that guide architecture of CPR security at BHSSF..
Published in Konstantin Beznosov, "Official Requirements and Recommendations from Various Organizations on Security for Baptist Health Systems of South Florida," Object Technology Group, Miami, FL, USA, Baptist Health Systems of South Florida (BHSSF): (October, 1997)
Transfer from CDS 0.99.7: PDF;
|
|
215.
|
Object Security Attributes: Enabling Application-specific Access Control in Middleware
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-030]
This presentation makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. [...]
Published in Konstantin Beznosov, "Object Security Attributes: Enabling Application-specific Access Control in Middleware," presented at the 4th International Symposium on Distributed Objects Applications (DOA), Irvine, California, 29 October, 2002. :
Transfer from CDS 0.99.7: PDF;
|
|
216.
|
Object Security Attributes: Enabling Application-specific Access Control in Middleware
/ Konstantin Beznosov
[LERSSE-RefConfPaper-2005-011]
This paper makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. [...]
Published in Proceedings of 4th International Symposium on
Distributed Objects and Applications (DOA), Irvine,
California: (October 28 - November 1, 2002) pp. 693-710
Transfer from CDS 0.99.7: PDF;
|
|
217.
|
Middleware and Web Services Security Mechanisms
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-029]
Learning objectives: Gain a working knowledge of the security mechanisms of current Middleware and Web Services technologies. [...]
Published in Konstantin Beznosov, "Middleware and Web Services Security Mechanisms," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 2 March, 2005, pp.65. :
Transfer from CDS 0.99.7: PDF;
|
|
218.
|
Middleware and Web Services Security
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-028]
Challenges of designing secure distributed applications are due to distribution, scale and object orientation. [...]
Published in Konstantin Beznosov, "Middleware and Web Services Security," tutorial given at JavaPolis University, Antwerp, Belgium, Belgium Java Users Group, 14 December, 2004. :
Transfer from CDS 0.99.7: PDF;
|
|
219.
|
Mastering Web Services Security
/ Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov ; Shirley Kawamoto
[LERSSE-BOOK-2005-003]
We present material on how to use the architectures and technologies and how to understand the specifications that are available to build a secure Web Services system. [...]
Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, Shirley Kawamoto, "Mastering Web Services Security," New York, New York, USA, John Wiley Sons, Inc., ISBN 0-471-26716-3, January, 2003, pp.464. :
Transfer from CDS 0.99.7: PDF;
|
|
220.
|
KOZEL: Kernel Organization Zappy Environment for Linux
/ Konstantin Beznosov ; Sergey Fedorishin
[LERSSE-REPORT-2005-010]
This report describes application domain, design and usage of Kernel Organization Zappy Environment for Linux (KOZEL, pronounced “kozz’jol”) developed during a term project for Expert Systems cource CEN5120 tought by Dr. [...]
Published in KOZEL: Kernel Organization Zappy Environment for Linux," term project report for CEN 5120 course Expert Systems, School of Computer Science, Florida International University, Miami, FL, USA: (28 April, 1997)
Transfer from CDS 0.99.7: PDF;
|
|
221.
|
JAMES: Junk Authorizations for Massive-scale Enterprise Services
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-027]
The request-response paradigm used for distributed access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls [...]
Published in Konstantin Beznosov, "JAMES: Junk Authorizations for Massive-scale Enterprise Services," given at the School of Computing and Information Sciences, Florida International University, Miami, Florida, USA, August 15, 2005, pp.29. :
Transfer from CDS 0.99.7: PDF;
|
|
222.
|
Issues in the Security Architecture of the Computerized Patient Record Enterprise
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-026]
We discuss issues in CPR enterprise security architecture. [...]
Published in Konstantin Beznosov, "Issues in the Security Architecture of the Computerized Patient Record Enterprise," presentation given at Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, Object Management Group, 7 May, 1998. :
Transfer from CDS 0.99.7: PDF;
|
|
223.
|
Issues in the Security Architecture of the Computerized Patient Record Enterprise
/ Konstantin Beznosov
[LERSSE-UnrefConfPaper-2005-002]
We discuss issues in CPR enterprise security architecture. [...]
Published in Konstantin Beznosov, "Issues in the Security Architecture of the Computerized Patient Record Enterprise," in Proceedings of the Second Workshop on Distributed Object Computing Security (DOCSec), Baltimore, Maryland, USA, pp.5: (May, 1998)
Transfer from CDS 0.99.7: PDF;
|
|
224.
|
Issues in the Security Architecture of the Computerized Patient Record Enterprise
/ Beznosov, K
[LERSSE-PRESENTATION-2005-025]
We discuss issues in CPR enterprise security architecture. [...]
Transfer from CDS 0.99.7: PDF;
|
|
225.
|
Introduction to Cryptography, Part II
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-024]
Outline: - Probabilistic encryption -- Average Case Computational Di culty and the Worst Case Di culty - Identity-Based Public-Key Cryptography - Fair Coin Flipping Using Public-Key Cryptography - Fair Cryptosystems (Key Escrow) - Zero Knowledge Interactive Proof Systems
Published in Konstantin Beznosov, "Introduction to Cryptography, Part II," presentation given at class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, 7 April, 1998. :
Transfer from CDS 0.99.7: PDF;
|
|
226.
|
Introduction to Cryptography, Part I: Probabilistic Encryption
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-023]
Outline: - Why do we need probabilistic encryption? - The idea behind - Optimized algorithm - Drawbacks
Published in Konstantin Beznosov, "Introduction to Cryptography, Part I: Probabilistic Encryption," presentation given at the class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, 2 April, 1998.:
Transfer from CDS 0.99.7: PDF;
|
|
227.
|
Improving Practical Security Engineering: Overview of the Ongoing Research
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-022]
Security engineering is about creating viable solutions to real-world security problems-solutions that would address the requirements, be cost-effective, competitive, and yet be subject to the limitations of today security and software technologies [...]
Published in Konstantin Beznosov, "Improving Practical Security Engineering: Overview of the Ongoing Research," talk given at the Department of Computer Science, Heverlee, Belgium, Catholic University of Leuven, 20 December, 2004. :
Transfer from CDS 0.99.7: PDF;
|
|
228.
|
Implementing Multiple Channels over SSL
/ Yong Song ; Victor C.M. Leung ; Konstantin Beznosov
[LERSSE-RefConfPaper-2005-010]
Multiple-Channel SSL (MC-SSL) is our model and protocol for the security of client-server communication. [...]
Published in Yong Song, Victor C.M. Leung, and Konstantin Beznosov. Implementing multiple channels over SSL. In Proceedings of the 1st International Conference on E-business and Telecom-munication Networks, pages 246–253, Setubal, Portugal, 25-28 August 2004.:
Transfer from CDS 0.99.7: PDF;
|
|
229.
|
Human Factor in Security Administration: Brainstorming the Research Directions
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-021]
Although usability has been acknowledged by the security community as one of the design goals back in 1970s, there is dearth of applications of HCI methods to the domain of computer security in general and security administration in particular. [...]
Published in Konstantin Beznosov, "Human Factor in Security Administration: Brainstorming the Research Directions," presentation given at SEEDS, Vancouver, BC, Canada, SEEDS, ECE, UBC, 2 December, 2003. :
Transfer from CDS 0.99.7: PDF;
|
|
230.
|
HIPAA and CPR Architecture
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-020]
The presentation that describes Health Insurance Portability and Accountability Act (HIPAA) from the perspective of the Computerized Patient Record (CPR) Architecture [...]
Published in Konstantin Beznosov, "HIPAA and CPR Architecture," presentation given to IT leadership of the Baptist Health Systems, Miami, FL, USA, Baptist Health Systems of South Florida, 19 April, 1999, pp.17.:
Transfer from CDS 0.99.7: PDF;
|
|
231.
|
Here’s Your Lego™ Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need
/ Konstantin Beznosov
[LERSSE-RefConfPaper-2005-009]
By presenting a protection architecture for ASP.NET Web services, this paper demonstrates the feasibility of creating middleware mechanisms in the form of composable, flexible, and extensible building blocks. [...]
Published in Konstantin Beznosov, “Here’s Your Lego! Security Kit: How to Give Developers All Protection Mechanisms They
Will Ever Need,” in Proceedings of Software Engineering and Middleware (SEM) Workshop, pp. 3-18,
Linz, Austria, 20-21 September 2004.:
Transfer from CDS 0.99.7: PDF;
|
|
232.
|
Handouts: Introduction to Cryptography
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-019]
Outline: - Probabilistic encryption - Identity-Based Public-Key Cryptography - Fair Coin Flipping Using Public-Key Cryptography - Fair Cryptosystems (Key Escrow) - Zero Knowledge Interactive Proof Systems
Published in Konstantin Beznosov, "Handouts: Introduction to Cryptography," handouts for the presentation given at class COT 6421, Theory of Computation II, Miami, FL, USA, School of Computer Science, Florida International University, April, 1998. :
Transfer from CDS 0.99.7: PDF;
|
|
233.
|
Future Direction of Access Control Models, Architectures, and Technologies
/ Konstantin Beznosov
[LERSSE-UnrefConfPaper-2005-001]
The goal of this panel is to explore future directions in the research and practice of Access Control Models, Architectures, and Technologies (ACMAT). [...]
Published in Konstantin Beznosov, "Future Direction of Access Control Models, Architectures, and Technologies," in Proceedings of the Tenth ACM Symposium on Access Control Models and Aechnologies (SACMAT), Stockholm, Sweden, ACM, pp.48-48: (1-3 June, 2005)
Transfer from CDS 0.99.7: PDF;
|
|
234.
|
Flooding and Recycling Authorizations
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-018]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, "Flooding and Recycling Authorizations," presentation given at the New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, 22 September, 2005, pp.25. :
Transfer from CDS 0.99.7: PDF;
|
|
235.
|
eXtreme Security Engineering: On Employing XP Practices to Achieve “Good Enough Security” without Defining It
/ Konstantin Beznosov
[LERSSE-RefConfPaper-2005-008]
This paper examines practices of eXtreme Programming (XP) on the subject of their application to the development of security solutions. [...]
Published in Konstantin Beznosov. Extreme security engineering: On employing xp practices to achieve
"good enough security" without defining it. In First ACM Workshop on Business Driven
Security Engineering (BizSec), Faiffax, VA, USA, 2003. :
Transfer from CDS 0.99.7: PDF;
|
|
236.
|
Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-016]
This presentation reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services. [...]
Published in Konstantin Beznosov, "Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services," presented at the Eighth International SIGSOFT Symposium on Component-based Software Engineering (CBSE), St. Louis, Missouri, USA, 15 May, 2005. :
Transfer from CDS 0.99.7: PDF;
|
|
237.
|
Enterprise Security with EJB™ and CORBA®
/ Bret Hartman ; Donald J. Flinn ; Konstantin Beznosov
[LERSSE-BOOK-2005-002]
This book shows you how to apply enterprise security integration (ESI) to secure your enterprise from end-to-end, using theory, examples, and practical advice. [...]
Published in Bret Hartman, Donald J. Flinn, Konstantin Beznosov, "Enterprise Security with EJB? and CORBA?," New York, New York, USA, John Wiley and Sons, Inc., ISBN 0-471-40131-5, April, 2001, pp.400. :
Transfer from CDS 0.99.7: PDF;
|
|
238.
|
Engineering Application-level Access Control in Distributed Systems
/ Konstantin Beznosov ; Yi Deng
[LERSSE-BOOK-2005-001]
This chapter discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. [...]
Published in Konstantin Beznosov, Yi Deng, "Engineering Application-level Access Control in Distributed Systems," in Handbook of Software Engineering And Knowledge Engineering, World Scientific Publishing, vol. 1, ISBN 981-02-4973-X, January, 2002, pp.20. :
Transfer from CDS 0.99.7: PDF;
|
|
239.
|
Design and Implementation of Resource Access Decision Server
/ Luis Espinal ; Konstantin Beznosov ; Yi Deng
[LERSSE-REPORT-2005-009]
Decoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. [...]
Published in Luis Espinal, Konstantin Beznosov, Yi. Deng, "Design and Implementation of Resource Access Decision Server," Center for Advanced Distributed Systems Engineering (CADSE). Florida International University, technical report #2000-01, pp.18: (21 January, 2000)
Transfer from CDS 0.99.7: PDF;
|
|
240.
|
Design
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-006]
Learning objectives: * understand the principles of engineering secure systems. [...]
Published in
application development course SecAppDev course, Brussels, Belgium, Katholieke
Universiteit Leuven, 2, 3 March, 2005, pp.55. :
Transfer from CDS 0.99.7: PDF;
|
|
241.
|
CPR Security CORBA-based Security and Intranet Services
/ Konstantin Beznosov
[LERSSE-REPORT-2005-008]
Intranet information services based on such technologies as WWW will continue to grow. [...]
Published in Konstantin Beznosov, "CPR Security CORBA-based Security and Intranet Services," Object Technology Group, Miami, FL, USA, Baptist Health Systems of South Florida (BHSSF): (September, 1997)
Transfer from CDS 0.99.7: PDF;
|
|
242.
|
CORBAmed Security White Paper
/ Wayne Wilson ; Konstantin Beznosov
[LERSSE-REPORT-2005-007]
The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAmed meetings. [...]
Published in Wayne Wilson, Konstantin Beznosov, "CORBAmed Security White Paper," Object Management Group, corbamed/97-11-03: (7 November, 1997)
Transfer from CDS 0.99.7: PDF;
|
|
243.
|
Computer and Distributed Security: Introductory Overview for Researchers
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-015]
Outline: - What is security of computer systems - Security and usability - The main challenge for security - Threats, Vulnerabilities, and Attacks - Security Concerns - Distributed Security - Security Functionalities - Summary - References
Published in Konstantin Beznosov, "Computer and Distributed Security: Introductory Overview for Researchers," presentation given at the CADSE, Miami, FL, USA, CADSE, School of Computer Science, FIU, 2 October, 1998, pp.25. :
Transfer from CDS 0.99.7: PDF;
|
|
244.
|
Client-Server Semantic Binary Database: Design and Development
/ Konstantin Beznosov
[LERSSE-REPORT-2005-006]
This paper describes design and implementation of client-server architecture for Semantic Binary Database Management System developed at High Performance Database Research Center, Florida International University. [...]
Published in Konstantin Beznosov, "Client-Server Semantic Binary Database: Design and Development," term paper for graduate course COP 6545 \"Advanced Database Systems\", Miami, FL, School of Computer Science, Florida International University, pp.12: (9 December, 1996)
Transfer from CDS 0.99.7: PDF;
|
|
245.
|
BHS Information Enterprise Architecture
/ Konstantin Beznosov ; Eric Butler ; Eric Navarro
[LERSSE-PRESENTATION-2005-014]
Published in Konstantin Beznosov, Eric Butler, Eric Navarro, "BHS Information Enterprise Architecture," presentation given at CADSE, Miami, FL, USA, CADSE, SCS, FIU, 22 January, 1999, pp.21. :
Transfer from CDS 0.99.7: PDF;
|
|
246.
|
Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-013]
Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. [...]
Published in Konstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003. :
Transfer from CDS 0.99.7: PDF;
|
|
247.
|
Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services
/ Yi Deng ; Konstantin Beznosov
[LERSSE-PRESENTATION-2005-012]
Security is an essential feature and foremost concern to enterprise software systems. [...]
Published in Yi Deng, Konstantin Beznosov, "Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services," presented at IBM T. J. Watson Research Center, NY, USA, 14 February, 2000, pp.32. :
Transfer from CDS 0.99.7: PDF;
|
|
248.
|
Supporting End-to-end security Across Proxies with Multiple-channel SSL
/ Yong Song ; Victor C.M. Leung ; Konstantin Beznosov
[LERSSE-RefConfPaper-2005-005]
Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers [...]
Published in Yong Song, Victor C.M. Leung, and Konstantin Beznosov. Supporting end-to-end security across proxies with multiple-channel SSL. In Proceedings of the 19th IFIP International Information Security Conference, pages 246–253, Toulouse, France, 23-26 August 2004.:
Transfer from CDS 0.99.7: PDF;
|
|
249.
|
Architecture of Information Enterprises: Problems and Perspectives
/ Konstantin Beznosov
[LERSSE-REPORT-2005-005]
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...]
Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," technical report #2000-06, School of Computer Science, Florida International University, Miami, FL, pp.16: (14 June, 2000)
Transfer from CDS 0.99.7: PDF;
|
|
250.
|
Architecture of Information Enterprises: Problems and Perspectives
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-011]
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...]
Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," term paper for graduate course in Advanced Software Engineering, Miami, FL, School of Computer Science, Florida International University, 15 April, 1998, pp.12.:
Transfer from CDS 0.99.7: PDF;
|
|
251.
|
Architecture of Information Enterprises: Problems and Perspectives
/ Konstantin Beznosov
[LERSSE-REPORT-2005-004]
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed [...]
Published in Konstantin Beznosov, "Architecture of Information Enterprises: Problems and Perspectives," term paper for graduate course in Advanced Software Engineering, Miami, FL, School of Computer Science, Florida International University, pp.25: (20 April, 1998)
Transfer from CDS 0.99.7: PDF;
|
|
252.
|
Architectural Separation of Authorization and Application Logic in Distributed Systems
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-010]
Security is an essential feature and foremost concern to enterprise software systems [...]
Published in Konstantin Beznosov, "Architectural Separation of Authorization and Application Logic in Distributed Systems," talk given at several organizations, see abstract for details, April--May, 2000. :
Transfer from CDS 0.99.7: PDF;
|
|
253.
|
Architecting a Computerized Patient Record with Distributed Objects
/ Kent Wreder ; Konstantin Beznosov ; A. Bramblett ; Eric Butler ; et al
[LERSSE-RefConfPaper-2005-004]
Published in Kent Wreder, Konstantin Beznosov, A. Bramblett, Eric Butler, A. D-Empaire, E. Hernandez, Eric Navarro, A. Romano, M. Tortolini-Taylor, E. Urzais, R. Ventura, "Architecting a Computerized Patient Record with Distributed Objects," in Proceedings of Healthcare Information and Management Systems Society Conference, Orange County Convention Center, Orlando, FL, USA, HIMSS, February, 1998, pp.149-158.:
Transfer from CDS 0.99.7: PDF;
|
|
254.
|
Applying Aspect-Orientation in Designing Security Systems: A Case Study
/ Shu Gao ; Yi Deng ; Huiqun Yu ; Xudong He ; et al
[LERSSE-RefConfPaper-2005-003]
As a security policy model evolves, the design of security systems using that model could become increasingly complicated [...]
Published in Shu Gao, Yi Deng, Huiqun Yu, Xudong He, Konstantin Beznosov, Kendra Cooper, "Applying Aspect-Orientation in Designing Security Systems: A Case Study," in Proceedings of The Sixteenth International Conference on Software Engineering and Knowledge Engineering (SEKE 04), Banff, Alberta, Canada, June 20-24, 2004, pp.360-365.:
Transfer from CDS 0.99.7: PDF;
|
|
255.
|
Applicability of CORBA Security to the Healthcare Problem Domain
/ Konstantin Beznosov
[LERSSE-REPORT-2005-003]
This paper suggests directions OMG Healthcare Domain Task Force (CORBAmed) could take in proposing OMG standards related to security in the healthcare vertical domain [...]
Published in Konstantin Beznosov, "Applicability of CORBA Security to the Healthcare Problem Domain," Object Management Group, corbamed/97-09-11, September, 1997.:
Transfer from CDS 0.99.7: PDF;
|
|
256.
|
Analysis of Scalable Security – MC-SSL Savings
/ Johnson Lee ; Victor C.M. Leung ; Konstantin Beznosov
[LERSSE-REPORT-2005-002]
This paper investigates how MC-SSL can alleviate the CPU requirements of secure web transactions by using multiple channels, each with its own, different, cipher suite, and switching the channel based on the data’s security requirements [...]
Published in Johnson Lee, Victor C.M. Leung, Konstantin Beznosov, "Analysis of Scalable Security . MC-SSL Savings," Laboratory for Education and Research in Secure Systems Engineering (LERSSE), Vancouver, BC, Canada, University of British Columbia, LERSSE-TR-2005-02, 1 October, 2005, pp.13.:
Fulltext: PDF PDF (PDFA);
|
|
257.
|
An Overview of The Ongoing Research at LERSSE
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-009]
This presentation provides an overview of the research projects undergoing at the Laboratory for Education and Research in Secure Systems Engineering (LERSSE) [...]
Published in Konstantin Beznosov, "An Overview of The Ongoing Research at LERSSE," KTH, Stockholm, 9 June, 2005, pp.76. :
Transfer from CDS 0.99.7: PDF;
|
|
258.
|
Supporting end-to-end Security Across Proxies with Multiple-Channel SSL
/ Yi Deng ; Jiacun Wang ; Jeffrey J. P. Tsai ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2005-002]
Security system architecture governs the composition of components in security systems and interactions between them [...]
Published in Yong Song, Victor C. M. Leung, Konstantin Beznosov, Supporting end-to-end Security Across Proxies with Multiple-Channel SSL, Security and Protection in Information Processing Systems, Vol 147, 2004, 323-337 :
Transfer from CDS 0.99.7: PDF;
|
|
259.
|
Access Control Architectures: COM+ vs. EJB
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-008]
This tutorial provides an overview of access control mechanisms in two most popular commercial middleware technologies, COM+ and EJB. [...]
Published in Konstantin Beznosov, "Access Control Architectures: COM+ vs. EJB," tutorial has been given at the JavaPolis, Antwerpen, Belgium, 16 December, 2004. :
Transfer from CDS 0.99.7: PDF;
|
|
260.
|
Access Control
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-007]
Learning objectives: Comprehend the principles behind access control mechanisms used in today\\\\\\\'s: * operating systems, * middleware, * virtual machines. [...]
Published in Konstantin Beznosov, "Access Control," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 28 February, 2005, pp.46. :
Transfer from CDS 0.99.7: PDF;
|
|
261.
|
A Study of Three Workstation-Server Architectures for Object Oriented Database Systems
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-006]
It presents a paper by David DeWitt, et al \"A Study of Three Workstation-Server Architectures for Object Oriented Database Systems\" [...]
Published in Architectures for Object Oriented Database Systems," presentation at graduate
course COP 6545 \"Advanced Database Systems\", Miami, FL, School of Computer
Science, Florida International University, 23 October, 1996, pp.11.
:
Transfer from CDS 0.99.7: PDF;
|
|
262.
|
A Resource Access Decision Service for CORBA-based Distributed Systems
/ Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; et al
[LERSSE-RefJnlPaper-2005-001]
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are [...]
Published in Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 6-10 December, 1999, pp.310-319.:
Transfer from CDS 0.99.7: PDF;
|
|
263.
|
A Framework for Implementing Role-based Access Control Using CORBA Security Service
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-005]
The presentation shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...]
Published in Konstantin Beznosov, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," presentation given at CADSE, Miami, FL, USA, Center for Advanced Distributed Systems Engineering (CADSE), School of Computer Science (SCS), Florida International University (FIU), 14, 21 May, 1999, pp.53. :
Transfer from CDS 0.99.7: PDF;
|
|
264.
|
A Framework for Implementing Role-based Access Control Using CORBA Security Service
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-004]
The presentation shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...]
Published in Konstantin Beznosov, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," presented at the Fourth ACM Workshop on Role-Based Access Control (RBAC), Fairfax, Virginia, USA, ACM, 28 October, 1999, pp.29. :
Transfer from CDS 0.99.7: PDF;
|
|
265.
|
A Design of An Authorization Service
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-003]
Outline: • CORBA security model • What CORBA Access Model does[ not] Cover • Healthcare Resource Access Control (H-RAC) high level view • Authorization Service framework design details
Published in Konstantin Beznosov, "A Design of An Authorization Service," presentation given at CADSE, Miami, FL, USA, SCS, FIU, 12 February, 1999, pp.16. :
Transfer from CDS 0.99.7: PDF;
|
|
266.
|
A Framework for Implementing Role-based Access Control Using CORBA Security Service
/ Konstantin Beznosov ; Yi Deng
[LERSSE-RefConfPaper-2005-002]
The paper shows how role-based access control (RBAC) models could be implemented using CORBA Security service [...]
Published in Konstantin Beznosov, Yi Deng, "A Framework for Implementing Role-based Access Control Using CORBA Security Service," in Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, ACM, October, 1999, pp.19-30.:
Transfer from CDS 0.99.7: PDF;
|
|
267.
|
Accountability and Availability
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-002]
Learning objectives: Comprehend the principles of security accountability and availability. [...]
Published in Konstantin Beznosov, "Accountability and Availability," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 1 March, 2005, pp.43. :
Transfer from CDS 0.99.7: PDF;
|
|
268.
|
CITI Fault Report Classification and Encoding for Vulnerability and Risk Assessment of Interconnected Infrastructures
/ Hafiz Abdur Rahman ; Konstantin Beznosov
[TEST-REPORT-2005-001]
Effective functionalities of many of the critical infrastructures depend on Communication and Information Technology Infrastructure (CITI). [...]
Published in Hafiz Abdur Rahman, Konstantin Beznosov, "CITI Fault Report Classification and Encoding for Vulnerability and Risk Assessment of Interconnected Infrastructures," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, B.C., Canada, University of British Columbia, technical report LERSSE-TR-2005-03, 4 October, 2005, pp.40.:
Transfer from CDS 0.99.7: PDF;
|
|
269.
|
Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services
/ Konstantin Beznosov
[TEST-RefConfPaper-2005-001]
This report reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services [...]
Published in Konstantin Beznosov, "Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services," in Proceedings of the Eighth International SIGSOFT Symposium on Component-based Software Engineering (CBSE), St. Louis, Missouri, USA, SIGSOFT, 15-21 May, 2005, pp.337-352.:
Transfer from CDS 0.99.7: PDF;
|
|
270.
|
A Security Analysis of the IEEE 1588 Standard
/ Jeanette Tsang ; Konstantin Beznosov
[TEST-PRESENTATION-2005-001]
Published in Jeanette Tsang, Konstantin Beznosov, "A Security Analysis of the IEEE 1588 Standard", presented at the 2005 Conference on IEEE-1588 Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems, October 2005.:
Transfer from CDS 0.99.7: PDF;
|
|
271.
|
On the Benefits of Decomposing Policy Engines into Components
/ Konstantin Beznosov
[TEST-ARTICLE-2005-004]
In order for middleware systems to be adaptive, their properties and services need to support a wide variety of application-specific policies. [...]
Published in Konstantin Beznosov. Flooding and recycling authorizations. In Proceedings of the New
Security Paradigms Workshop (NSPW’05), pages 67–72, Lake Arrowhead, CA, USA, 20-23
September 2005. ACM Press.
:
Transfer from CDS 0.99.7: PDF;
|
|
272.
|
Flooding and Recycling Authorizations
/ Konstantin Beznosov
[TEST-ARTICLE-2005-003]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, "Flooding and Recycling Authorizations", in Proceedings of New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, ACM, 20-23 September, 2005, pp.67-72.:
Transfer from CDS 0.99.7: PDF;
|
guest ::
