Search For:

Displaying 1-17 out of 17 total
Efficient Data Tagging for Managing Privacy in the Internet of Things
Found in: 2012 IEEE International Conference on Green Computing and Communications (GreenCom)
By David Evans,David M. Eyers
Issue Date:November 2012
pp. 244-248
The Internet of Things creates an environment where software systems are influenced and controlled by phenomena in the physical world. The goal is invisible and natural interactions with technology. However, if such systems are to provide a high-quality pe...
 
IO Tetris: Deep Storage Consolidation for the Cloud via Fine-Grained Workload Analysis
Found in: Cloud Computing, IEEE International Conference on
By Rui Zhang,Ramani Routray,David M. Eyers,David Chambliss,Prasenjit Sarkar,Douglas Willcocks,Peter Pietzuch
Issue Date:July 2011
pp. 700-707
Intelligent workload consolidation in storage systems leads to better Return On Investment (ROI), in terms of more efficient use of data center resources, better Quality of Service (QoS), and lower power consumption. This is particularly significant yet ch...
 
Using Annotated Policy Documents as a User Interface for Process Management
Found in: Autonomic and Autonomous Systems, International Conference on
By Alan S. Abrahams, David M. Eyers
Issue Date:June 2007
pp. 64
Natural language policy documents are frequently used as starting point for requirements capture, leading to computer systems that manage process management within organisations. Rather than modelling explicit workflow graphs of business processes, this pa...
 
Compile-Time Enforcement of Dynamic Security Policies
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By David M. Eyers, Sriram Srinivasan, Ken Moody, Jean Bacon
Issue Date:June 2008
pp. 119-126
Dynamic separation of duties, delegation and other dynamic security constraints require the state of the security system to be managed explicitly at run-time in software. The majority of this software is still programmed directly by humans, and is thus sus...
 
A Capability-Based Access Control Architecture for Multi-Domain Publish/Subscribe Systems
Found in: Applications and the Internet, IEEE/IPSJ International Symposium on
By Lauri I. W. Pesonen, David M. Eyers, Jean Bacon
Issue Date:January 2006
pp. 222-228
Publish/subscribe has emerged as an attractive communication paradigm for building Internet-wide distributed systems by decoupling message senders from receivers. So far most of the research on publish/subscribe has focused on efficient event routing, even...
 
A Formal Model for Hierarchical Policy Contexts
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By András Belokosztolszki, Ken Moody, David M. Eyers
Issue Date:June 2004
pp. 127
Role-based access control (RBAC) models specify a policy interface for security administration, but do not provide guidelines for how large organisations should manage their roles. Parameterised RBAC systems are even more expressive; however, this adds to ...
 
Policy Contexts: Controlling Information Flow in Parameterised RBAC
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By András Belokosztolszki, David M. Eyers, Ken Moody
Issue Date:June 2003
pp. 99
Many RBAC models have augmented the fundamental requirement of a role abstraction with features such as parameterised roles and environment-aware policy. This paper examines the potential for unintentional leakage of information during RBAC policy enforcem...
 
Policy Storage for Role-Based Access Control Systems
Found in: Enabling Technologies, IEEE International Workshops on
By András Belokosztolszki, David M. Eyers, Wei Wang, Ken Moody
Issue Date:June 2003
pp. 196
Role-based access control has been a focal area for many security researchers over the last decade. There have been a large number of models, and many rich specification languages. However there has been little attention paid to the way in which access con...
 
A model of information flow control to determine whether malfunctions cause the privacy invasion
Found in: Proceedings of the First Workshop on Measurement, Privacy, and Mobility (MPM '12)
By David M. Eyers, David Evans, Jean Bacon
Issue Date:April 2012
pp. 1-6
Privacy is difficult to assure in complex systems that collect, process, and store data about individuals. The problem is particularly acute when data arise from sensing physical phenomena as individuals are unlikely to realise that actions such as walking...
     
Deontic logic for modelling data flow and use compliance
Found in: Proceedings of the 6th international workshop on Middleware for pervasive and ad-hoc computing (MPAC '08)
By David Evans, David M. Eyers
Issue Date:December 2008
pp. 19-24
We advocate using deontic logic and its representation in the Event Calculus to control access to information in a distributed ubiquitous system. Contracts between information owners are encoded in terms of classes of organisations, data, and interactions....
     
Disclosure control in multi-domain publish/subscribe systems
Found in: Proceedings of the 5th ACM international conference on Distributed event-based system (DEBS '11)
By David M. Eyers, Jatinder Singh, Jean Bacon
Issue Date:July 2011
pp. 159-170
Publish/subscribe is an effective paradigm for event dissemination over wide-area systems. However, there is tension between the convenience of open information delivery, and the need to protect data from unauthorised access. Publish/subscribe security mod...
     
Relational database support for event-based middleware functionality
Found in: Proceedings of the Fourth ACM International Conference on Distributed Event-Based Systems (DEBS '10)
By David M. Eyers, Jatinder Singh, Jean Bacon, Ken Moody, Luis Vargas
Issue Date:July 2010
pp. 160-171
Many of the popular relational database management systems (RDBMS) provide features for operating in a distributed environment, such as remote table queries and updates, and support for distributed transactions. In practice, however, much application softw...
     
Towards a middleware for configuring large-scale storage infrastructures
Found in: Proceedings of the 7th International Workshop on Middleware for Grids, Clouds and e-Science (MGC '09)
By David M. Eyers, Douglas Willcocks, Peter Pietzuch, Ramani Routray, Rui Zhang
Issue Date:November 2009
pp. 1-6
The rapid proliferation of cloud and service-oriented computing infrastructure is creating an ever increasing thirst for storage within data centers. Ideally management applications in cloud deployments should operate in terms of high-level goals, and not ...
     
Controlling historical information dissemination in publish/subscribe
Found in: Proceedings of the 2008 workshop on Middleware security (MidSec '08)
By David M. Eyers, Jatinder Singh, Jean Bacon
Issue Date:December 2008
pp. 34-39
Application environments dealing with sensitive information require mechanisms to define the circumstances for data disclosure. In event-based environments, access control typically concerns messages (events) as they occur. However, scenarios exist in whic...
     
Credential management in event-driven healthcare systems
Found in: Proceedings of the ACM/IFIP/USENIX international middleware conference companion on Middleware '08 Companion (Companion '08)
By David M. Eyers, Jatinder Sing, Jean Bacon
Issue Date:December 2008
pp. 31-36
Health processes generate data that must be both stored and shared---often across organisational boundaris. Emerging initiatives in healthcare require the dynamic formation of care teams spanning widely-distributed, heterogeneous infrastructure. These envi...
     
Access control in publish/subscribe systems
Found in: Proceedings of the second international conference on Distributed event-based systems (DEBS '08)
By David M. Eyers, Jatinder Singh, Jean Bacon, Peter R. Pietzuch
Issue Date:July 2008
pp. 1-29
Two convincing paradigms have emerged for achieving scalability in widely distributed systems: publish/subscribe communication and role-based, policy-driven control of access to the system by applications. A strength of publish/subscribe is its many-to-man...
     
Encryption-enforced access control in dynamic multi-domain publish/subscribe networks
Found in: Proceedings of the 2007 inaugural international conference on Distributed event-based systems (DEBS '07)
By David M. Eyers, Jean Bacon, Lauri I. W. Pesonen
Issue Date:June 2007
pp. 104-115
Publish/subscribe systems provide an efficient, event-based, wide-area distributed communications infrastructure. Large scale publish/subscribe systems are likely to employ components of the event transport network owned by cooperating, but independent org...
     
 1