Abstract
A proposed Internet systems security layer with context-oriented security mechanisms reduces the risk associated with possible vulnerabilities. A metric of the system trust level is proposed, and then evaluated according to a university Internet system.
Citations
-
2
CrossRef
-
0
Web of Science
-
3
Scopus
Authors (2)
Cite as
Full text
download paper
downloaded 111 times
- Publication version
- Accepted or Published Version
- License
- Copyright (2017 IEEE)
Keywords
Details
- Category:
- Articles
- Type:
- artykuł w czasopiśmie wyróżnionym w JCR
- Published in:
-
IEEE SECURITY & PRIVACY
no. 15,
edition 1,
pages 32 - 40,
ISSN: 1540-7993 - Language:
- English
- Publication year:
- 2017
- Bibliographic description:
- Lubomski P., Krawczyk H.: Practical Evaluation of Internet Systems' Security Mechanisms// IEEE SECURITY & PRIVACY. -Vol. 15, iss. 1 (2017), s.32-40
- DOI:
- Digital Object Identifier (open in new tab) 10.1109/msp.2017.13
- Bibliography: test
-
- D.R. Kuhn, E.J. Coyne, and T.R. Weil, "Adding Attributes to Role-Based Access Control," Computer, vol. 43, no. 6, 2010, pp. 79-81. open in new tab
- Q.M. Rajpoot, C.D. Jensen, and R. Krishnan, "Integrating Attri- butes into Role-Based Access Control," Proc. Data and Applica- tions Security and Privacy XXIX, 2015, pp. 242-249. open in new tab
- T. Mather, S. Kumaraswamy, and S. Latif, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, O'Reilly, 2009. References 1. S.P.S. Pahnila, M.S.M. Siponen, and A.M.A. Mahmood, "Employees' Behavior towards IS Security Policy Com- pliance," Proc. 40th Ann. Hawaii Int'l Conf. System Sciences (HICSS 07), 2007; doi:10.1109/HICSS.2007.206. open in new tab
- S. Furnell, "Usability versus Complexity-Striking the Balance in End-User Security," Network Security, vol. 2010, no. 12, 2010, pp. 13-17. open in new tab
- J.M. Stanton et al., "Analysis of End User Security Behaviors," Computers and Security, vol. 24, no. 2, 2005, pp. 124-133. open in new tab
- M. Strembeck and G. Neumann, "An Integrated Approach to Engineer and Enforce Context Constraints in RBAC Environments," ACM Trans. Information and System Secu- rity, vol. 7, no. 3, 2004, pp. 392-427. open in new tab
- F. Cuppens and N. Cuppens-Boulahia, "Modeling Con- textual Security Policies," Int'l J. Information Security, vol. 7, no. 4, 2007, pp. 285-305. open in new tab
- X. Jin, R. Krishnan, and R. Sandhu, "A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC," LNCS 7371, 2012, pp. 41-55; doi:10.1007/978-3-642-31540-4_4. open in new tab
- Z. Maamar, D. Benslimane, and N.C. Narendra, "What Can Context Do for Web Services?," Comm. ACM, vol. 49, no. 12, 2006, pp. 98-103. open in new tab
- R. Mayrhofer, H.R. Schmidtke, and S. Sigg, "Security and Trust in Context-Aware Applications," Personal and Ubiquitous Computing, Nov. 2012; doi:10.1007 /s00779-012-0630-2. open in new tab
- M.L. Damiani et al., "GEO-RBAC," ACM Trans. Informa- tion and System Security, vol. 10, no. 1, 2007, article 2. open in new tab
- L. Sliman, F. Biennier, and Y. Badr, "A Security Policy Framework for Context-Aware and User Preferences in E-Services," J. Systems Architecture, vol. 55, 2009, pp. 275-288. open in new tab
- A. Gupta, M.S. Kirkpatrick, and E. Bertino, "A Formal Proximity Model for RBAC Systems," Computers and Security, Sept. 2013; doi:10.1016/j.cose.2013.08.012. open in new tab
- H. Krawczyk and P. Lubomski, "User Trust Levels and Their Impact on System Security and Usability" Comm. Computer and Information Science, vol. 522, 2015, pp. 82-91. open in new tab
- A. Bouguettaya et al., "Efficient Agglomerative Hierarchi- cal Clustering," Expert Systems with Applications, vol. 42, no. 5, 2015, pp. 2785-2797. open in new tab
- N. Dimmock et al., "Using Trust and Risk in Role-Based Access Control Policies," Proc. 9th ACM Symp. Access Control Models and Technologies (SACMAT 04), 2004, pp. 156-162. open in new tab
- P. Damián-Reyes, J. Favela, and J. Contreras-Castillo, "Uncertainty Management in Context-Aware Applica- tions: Increasing Usability and User Trust," Wireless Per- sonal Comm., vol. 56, no. 1, 2009, pp. 37-53. open in new tab
- S. Hernan et al., "Uncover Security Design Flaws Using the STRIDE Approach," Microsoft MSDN Magazine, 2006; download.microsoft.com/download/3/a/7 open in new tab
- /3a7fa450-1f33-41f7-9e6d-3aa95b5a6aea/MSDN MagazineNovember2006en-us.chm. open in new tab
- J.D. Meier et al., "Improving Web Application Secu- rity: Threats and Countermeasures," Microsoft
- Verified by:
- Gdańsk University of Technology
seen 266 times