1.
|
Analysis of ANSI RBAC Support in EJB
/ Wesam Darwish ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2011-001]
This paper analyzes access control mechanisms of the Enterprise Java Beans (EJB) architecture and defines a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. [...]
Published in Wesam Darwish and Konstantin Beznosov. Analysis of ANSI RBAC support in EJB. International Journal of Secure Software Engineering, 2(2):25-52, April-June 2011.:
Transfer from CDS 0.99.7: PDF;
|
2.
|
Analysis of ANSI RBAC Support in COM+
/ Wesam Darwish ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2010-001]
We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. [...]
Published in Darwish, W. and Beznosov, K. Analysis of ANSI RBAC Support in COM+. Comput. Stand. Interfaces 32, 4 (Jan. 2010), 197-214. :
Transfer from CDS 0.99.7: PDF;
|
3.
|
Authorization Recycling in Hierarchical RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefJnlPaper-2009-014]
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Q. Wei, J. Crampton, K. Beznosov, M. Ripeanu, “Authorization Recycling in Hierarchical RBAC Systems,” to appear in ACM Transactions on Information and System Security (TISSEC), 32 pages, preprint.:
Transfer from CDS 0.99.7: PDF;
|
4.
|
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-PRESENTATION-2009-079]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu, “Authorization Recycling in RBAC Systems,” in the Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT’08), Estes Park, Colorado, 11-13 June, 2008, pp.63-72.:
Transfer from CDS 0.99.7: PDF;
|
5.
|
Analysis of ANSI RBAC Support in Commercial Middleware
/ Wesam M. Darwish
[LERSSE-THESIS-2009-001]
This thesis analyzes the access control architectures of three middleware technologies: Common
Object Request Broker Architecture (CORBA), Enterprise Java Beans (EJB), and Component
Object Model (COM+) [...]
Published in Wesam M. Darwish, "Analysis of ANSI RBAC Support in Commercial Middleware," Master thesis, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, April, 2009, pp.124. :
Transfer from CDS 0.99.7: PDF;
|
6.
|
The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-071]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, “The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies” talk given at the Computer Science Department, IBM Research Laboratory, Rüeschlikon, Switzerland, 5 June 2008.:
Transfer from CDS 0.99.7: PDF;
|
7.
|
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefConfPaper-2008-026]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu. Authorization recycling in RBAC systems. In SACMAT '08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, Colorado, USA, June 11-13 2008, pp. 63-72. :
Transfer from CDS 0.99.7: PDF;
|
8.
|
Support for ANSI RBAC in CORBA
/ Konstantin Beznosov ; Wesam Darwish
[LERSSE-REPORT-2007-019]
We describe access control mechanisms of the Common Ob ject Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). [...]
Published in Konstantin Beznosov, Wesam Darwish "Support for ANSI RBAC in CORBA," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2007-01, 26 July, 2007, pp.42.:
Transfer from CDS 0.99.7: PDF;
|
9.
|
Supporting Relationships in Access Control Using Role Based Access Control
/ John Barkley ; Konstantin Beznosov ; Jinny Uppal ; John Barkley ; et al
[LERSSE-RefConfPaper-2005-014]
The Role Based Access Control (RBAC) model and mechanism have proven to be useful and effective. [...]
Published in Proceedings of the Fourth ACM Workshop on
Role-Based Access Control, Fairfax, Virginia, USA: (October, 1999) pp. 55-65
Transfer from CDS 0.99.7: PDF;
|
10.
|
Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services
/ Yi Deng ; Konstantin Beznosov
[LERSSE-PRESENTATION-2005-012]
Security is an essential feature and foremost concern to enterprise software systems. [...]
Published in Yi Deng, Konstantin Beznosov, "Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services," presented at IBM T. J. Watson Research Center, NY, USA, 14 February, 2000, pp.32. :
Transfer from CDS 0.99.7: PDF;
|