Add to ORKGThis short paper reports on a current project to conduct a detailed investigation into non-security professionals' vocabulary and understanding of e-infrastructure and assets, with the longer term aim of building an ontology and controlled natural language interface that will allow them to build security policies, incorporating complex concepts such as delegation of authority, separation of duties (SoD), obligations and conditions. The interface is designed around the principle of the virtuous circle, whereby the user's controlled natural language input is converted into machine processable XML, and then converted back again into natural language, so that the user can compare the computer's understanding of his policy with his own. The user...
Summary. The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactio...
Information Systems today rarely are contained within a single user workstation, server, or networke...
In most systems, authorization is specified using some low-level system-specific mechanisms, e.g. pr...
This short paper reports on a current project to conduct a detailed investigation into non-security ...
With the rapid development of web and Grid services, many researchers want to access remote resource...
This thesis is based on the research carried out under the EPSRC-funded EEAP project and the EC-fund...
The implementation of usable security is particularly challenging in the growing field of Grid compu...
Abstract: The security configuration of large networked ICT systems is a difficult and error-prone t...
Abstract—While access control mechanisms have existed in computer systems since the 1960s, modern sy...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and rea-soning about cred...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
Collaborative research can often have demands on finer-grained security that go beyond the authentic...
Abstract. Quite often attacks are enabled by mis-configurations generated by human errors. Policy-ba...
Summary. The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactio...
Information Systems today rarely are contained within a single user workstation, server, or networke...
In most systems, authorization is specified using some low-level system-specific mechanisms, e.g. pr...
This short paper reports on a current project to conduct a detailed investigation into non-security ...
With the rapid development of web and Grid services, many researchers want to access remote resource...
This thesis is based on the research carried out under the EPSRC-funded EEAP project and the EC-fund...
The implementation of usable security is particularly challenging in the growing field of Grid compu...
Abstract: The security configuration of large networked ICT systems is a difficult and error-prone t...
Abstract—While access control mechanisms have existed in computer systems since the 1960s, modern sy...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and rea-soning about cred...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about crede...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
Collaborative research can often have demands on finer-grained security that go beyond the authentic...
Abstract. Quite often attacks are enabled by mis-configurations generated by human errors. Policy-ba...
Summary. The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactio...
Information Systems today rarely are contained within a single user workstation, server, or networke...
In most systems, authorization is specified using some low-level system-specific mechanisms, e.g. pr...