Displaying 1-50 out of 63 total
SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments
Found in: Computer Software and Applications Conference Workshops
By Hassan Takabi, James B. D. Joshi, Gail-Joon Ahn
Issue Date:July 2010
pp. 393-398
Cloud computing has recently gained tremendous momentum but still is in its infancy. It has the potential for significant cost reduction and the increased operating efficiencies in computing. Although security issues are delaying its fast adoption, cloud c...
 
An Application of Directory Service Markup Language (DSML) for Role-Based Access Control (RBAC)
Found in: Computer Software and Applications Conference, Annual International
By Dongwan Shin, Gail-Joon Ahn, Joon S. Park
Issue Date:August 2002
pp. 934
Directory service markup language (DSML) prescribes how to manipulate directory services information in XML, and thus it facilitates sharing of directory information as XML fragments among XML-based applications. In this paper, we describe how to leverage ...
 
Guest Editors' Introduction: Special Issue on Security and Privacy in Mobile Platforms
Found in: IEEE Transactions on Dependable and Secure Computing
By Gail-Joon Ahn, William Enck, Dongwan Shin
Issue Date:May 2014
pp. 209-210
The articles in this special issue focus on the use of computer security and privacy applications in mobile communication platforms.
   
Remote Attestation with Domain-Based Integrity Model and Policy Analysis
Found in: IEEE Transactions on Dependable and Secure Computing
By Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-Joon Ahn, Jean-Pierre Seifert
Issue Date:May 2012
pp. 429-442
We propose and implement an innovative remote attestation framework called DR@FT for efficiently measuring a target system based on an information flow-based integrity model. With this model, the high integrity processes of a system are first measured and ...
 
Systematic Policy Analysis for High-Assurance Services in SELinux
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Gail-Joon Ahn, Wenjuan Xu, Xinwen Zhang
Issue Date:June 2008
pp. 3-10
Identifying and protecting the trusted computing base (TCB) of a system is an important task to provide high-assurance services since a set of trusted subjects should be legitimately articulated for target applications. In this paper, we present a forma...
 
Towards Effective Security Policy Management for Heterogeneous Network Environments
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Lawrence Teo, Gail-Joon Ahn
Issue Date:June 2007
pp. 241-245
In this paper, we overview a system-driven policy framework called Chameleos-x and discuss how a practical, system-driven approach could be used to address the problem of enforcing security policies consistently in a changing, diversity-rich environment. T...
 
Role-Based Authorization Constraints Specification Using Object Constraint Language
Found in: Enabling Technologies, IEEE International Workshops on
By Gail-Joon Ahn, Michael. E. Shin
Issue Date:June 2001
pp. 157
The purpose of access control is to limit the actions on a computer system that a legitimate user can perform. The role-based access control (RBAC) has generated great interest in the security community as a flexible approach in access control. One of impo...
 
A Framework for Enabling User-Controlled Persona in Online Social Networks
Found in: Computer Software and Applications Conference, Annual International
By Dongwan Shin, Rodrigo Lopes, William Claycomb, Gail-Joon Ahn
Issue Date:July 2009
pp. 292-297
As the use of personal information in social network sites seems manifold, including the representation of an individual's digital persona (or social role) and identification, so does the abuse or misuse of the information. The issue of privacy is critical...
 
Discovery and Resolution of Anomalies in Web Access Control Policies
Found in: IEEE Transactions on Dependable and Secure Computing
By Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni
Issue Date:November 2013
pp. 341-354
Emerging computing technologies such as web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorize...
 
ACaaS: Access Control as a Service for IaaS Cloud
Found in: 2013 International Conference on Social Computing (SocialCom)
By Ruoyu Wu, Xinwen Zhang, Gail-Joon Ahn, Hadi Sharifi, Haiyong Xie
Issue Date:September 2013
pp. 423-428
Organizations and enterprises have been outsourcing their computation, storage, and workflows to Infrastructure-as-a-Service (IaaS) based cloud platforms. The heterogeneity and high diversity of IaaS cloud environment demand a comprehensive and fine-graine...
 
Multiparty Access Control for Online Social Networks: Model and Mechanisms
Found in: IEEE Transactions on Knowledge and Data Engineering
By Hongxin Hu, Gail-Joon Ahn, Jan Jorgensen
Issue Date:July 2013
pp. 1614-1627
Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users. These OSNs offer attractive means for digital social interactions and information sharing, but also ra...
 
Dynamic Audit Services for Outsourced Storages in Clouds
Found in: IEEE Transactions on Services Computing
By Yan Zhu, Gail-Joon Ahn, Hongxin Hu, S. S. Yau, H. G. An, Chang-Jun Hu
Issue Date:April 2013
pp. 227-238
In this paper, we propose a dynamic audit service for verifying the integrity of an untrusted and outsourced storage. Our audit service is constructed based on the techniques, fragment structure, random sampling, and index-hash table, supporting provable u...
 
Collaboration in Multicloud Computing Environments: Framework and Security Issues
Found in: Computer
By Mukesh Singhal, Santosh Chandrasekhar, Tingjian Ge, Ravi Sandhu, Ram Krishnan, Gail-Joon Ahn, Elisa Bertino
Issue Date:February 2013
pp. 76-84
A proposed proxy-based multicloud computing framework allows dynamic, on-the-fly collaborations and resource sharing among cloud-based services, addressing trust, policy, and privacy issues without preestablished collaboration agreements or standardized in...
 
Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage
Found in: IEEE Transactions on Parallel and Distributed Systems
By Yan Zhu, Hongxin Hu, Gail-Joon Ahn, Mengyang Yu
Issue Date:December 2012
pp. 2231-2244
Provable data possession (PDP) is a technique for ensuring the integrity of data in storage outsourcing. In this paper, we address the construction of an efficient PDP scheme for distributed cloud storage to support the scalability of service and data migr...
 
Detecting and Resolving Firewall Policy Anomalies
Found in: IEEE Transactions on Dependable and Secure Computing
By Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni
Issue Date:May 2012
pp. 318-331
The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized...
 
Automatic Extraction of Secrets from Malware
Found in: Reverse Engineering, Working Conference on
By Ziming Zhao, Gail-Joon Ahn, Hongxin Hu
Issue Date:October 2011
pp. 159-168
As promising results have been obtained in defeating code obfuscation techniques, malware authors have adopted protection approaches to hide malware-related data from analysis. Consequently, the discovery of internal cipher text data in malware is now crit...
 
Risk-Aware Mitigation for MANET Routing Attacks
Found in: IEEE Transactions on Dependable and Secure Computing
By Ziming Zhao, Hongxin Hu, Gail-Joon Ahn, Ruoyu Wu
Issue Date:March 2012
pp. 250-260
Mobile Ad hoc Networks (MANET) have been highly vulnerable to attacks due to the dynamic nature of its network infrastructure. Among these attacks, routing attacks have received considerable attention since it could cause the most devastating damage to MAN...
 
MasterBlaster: Identifying Influential Players in Botnet Transactions
Found in: Computer Software and Applications Conference, Annual International
By Napoleon C. Paxton, Gail-Joon Ahn, Mohamed Shehab
Issue Date:July 2011
pp. 413-419
Botnets continue to be a critical tool for hackers in exploiting vulnerabilities of systems and destructing computer networks. Botnet monitoring is a method used to study and identify malicious capabilities of a botnet, but current botnet monitoring projec...
 
Security and Privacy in Social Networks
Found in: IEEE Internet Computing
By Gail-Joon Ahn, Mohamed Shehab, Anna Squicciarini
Issue Date:May 2011
pp. 10-12
Over the past several years, social networking sites have arisen to facilitate social interactions on the Internet while revolutionizing how online users interact with others. Most social networking sites offer the basic features of online interac...
 
Security and Privacy Challenges in Cloud Computing Environments
Found in: IEEE Security and Privacy
By Hassan Takabi, James B.D. Joshi, Gail-Joon Ahn
Issue Date:November 2010
pp. 24-31
The cloud computing paradigm is still evolving, but has recently gained tremendous momentum. However, security and privacy issues pose as the key roadblock to its fast adoption. In this article, the authors present security and privacy challenges that are ...
 
Representing and Reasoning about Web Access Control Policies
Found in: Computer Software and Applications Conference, Annual International
By Gail-Joon Ahn, Hongxin Hu, Joohyung Lee, Yunsong Meng
Issue Date:July 2010
pp. 137-146
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unautho...
 
Enforcing Role-Based Access Control Policies in Web Services with UML and OCL
Found in: Computer Security Applications Conference, Annual
By Karsten Sohr, Tanveer Mustafa, Xinyu Bao, Gail-Joon Ahn
Issue Date:December 2008
pp. 257-266
Role-based access control (RBAC) is a powerful means for laying out higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that...
 
Towards Role-Based Authorization for OSGi Service Environments
Found in: Future Trends of Distributed Computing Systems, IEEE International Workshop
By Gail-Joon Ahn, Hongxin Hu, Jing Jin
Issue Date:October 2008
pp. 23-29
OSGi framework enables diverse devices to conveniently establish a local area network environment such as homes, offices, and automobiles. Access control is one of the crucial parts which should be considered in such emerging environments. However, the cur...
 
Analyzing and Managing Role-Based Access Control Policies
Found in: IEEE Transactions on Knowledge and Data Engineering
By Karsten Sohr, Michael Drouineaud, Gail-Joon Ahn, Martin Gogolla
Issue Date:July 2008
pp. 924-939
Today more and more security-relevant data is stored on computer systems; security-critical business processes are mapped to their digital counterparts. This situation applies to various domains such as health care industry, digital government, and financi...
 
User-centric privacy management for federated identity management
Found in: International Conference on Collaborative Computing: Networking, Applications and Worksharing
By Gail-Joon Ahn, Moonam Ko
Issue Date:November 2007
pp. 187-195
We have witnessed that the Internet is now a prime vehicle for business, community, and personal interactions. The notion of identity is the important component of this vehicle. Identity management has been recently considered to be a viable solution for s...
 
Collegiate Cyber Game Design Criteria and Participation
Found in: Computer and Information Science, ACIS International Conference on
By Bei-Tseng Chu, Gail-Joon Ahn, Steven Blanchard, James Deese, Richard Kelly, Huiming Yu, Ashika Young
Issue Date:July 2007
pp. 1036-1041
Cyber games are gaining popularity in universities as a tool to further information security education. Recently prominent national and international collegiate cyber games were conducted and efforts are underway to institutionalize these games. This paper...
 
Towards Secure Information Sharing and Management in Grid Environments
Found in: International Conference on Collaborative Computing: Networking, Applications and Worksharing
By Jing Jin, Gail-Joon Ahn
Issue Date:November 2006
pp. 63
The introduction of service-oriented paradigm in grid and corresponding Web services standards has recently demanded the evolution of access control solutions to support fine-grained authorization requirements and dynamic natures derived from grid environme...
 
Secure Information Sharing Using Role-based Delegation
Found in: Information Technology: Coding and Computing, International Conference on
By Gail-Joon Ahn, Badrinath Mohan
Issue Date:April 2004
pp. 810
As computing becomes more pervasive, information sharing occurs in broad, highly dynamic network-based environments. Such pervasive computing environments pose a difficult challenge in formally accessing the resources. The digital information generally rep...
 
Defeating Internet Attacks Using Risk Awareness and Active Honeypots
Found in: Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on
By Lawrence Teo, Yu-An Sun, Gail-Joon Ahn
Issue Date:April 2004
pp. 155
New forms of Internet attacks, such as SQL Slammer, have become increasingly sophisticated. Although coded in a simple way, the SQL Slammer worm propagated all over the world at an extremely high speed in a short period of time, rendering it impossible for...
 
Specification and Classification of Role-based Authorization Policies
Found in: Enabling Technologies, IEEE International Workshops on
By Gail-Joon Ahn
Issue Date:June 2003
pp. 202
Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major cl...
 
Intrusion Detection Force: An Infrastructure for Internet-Scale Intrusion Detection
Found in: Innovative Architecture for Future Generation High-Performance Processors and Systems, International Workshop on
By Lawrence Teo, Yuliang Zheng, Gail-Joon Ahn
Issue Date:March 2003
pp. 73
Intrusion Detection Systems (IDSs) are usually deployed within the confines of an organization. There is usually no exchange of information between an IDS in one organization with those in other organizations. The effectiveness of IDSs at detecting present-...
 
Towards Scalable Authentication in Health Services
Found in: Enabling Technologies, IEEE International Workshops on
By Gail-Joon Ahn, Dongwan Shin
Issue Date:June 2002
pp. 83
Over the last two decades, many attempts have been made to computerize the management of patient records using advanced computing and networking facilities across healthcare providers such as hospitals, clinics, and clearing agencies. In addition to this t...
 
UML-Based Representation of Role-Based Access Control
Found in: Enabling Technologies, IEEE International Workshops on
By Michael E. Shin, Gail-Joon Ahn
Issue Date:March 2000
pp. 195
In role-based access control (RBAC), permissions are associated with roles, and users are made members of appropriate roles thereby acquiring the roles' permissions. The principal motivation behind RBAC is to simplify administration. Several frameworks for...
 
Towards trust-aware access management for ad-hoc collaborations
Found in: International Conference on Collaborative Computing: Networking, Applications and Worksharing
By Jing Jin, Gail-Joon Ahn, Mohamed Shehab, Hongxin Hu
Issue Date:November 2007
pp. 41-48
In an ad-hoc collaborative sharing environment, attribute-based access control provides a promising approach in defining authorization over shared resources based on users’ properties/attributes rather than their identities. While the user’s attributes are...
 
Towards Automated Risk Assessment and Mitigation of Mobile Application
Found in: IEEE Transactions on Dependable and Secure Computing
By Yiming Jing, Gail-Joon Ahn, Ziming Zhao, Hongxin Hu
Issue Date:February 2015
pp. 1
Mobile operating systems, such as Apple’s iOS and Google’s Android, have supported a ballooning market of feature-rich mobile applications. However, helping users understand and mitigate security risks of mobile applications is still an ongoing challenge. W...
 
Verifying Access Control Properties with Design by Contract: Framework and Lessons Learned
Found in: 2013 IEEE 37th Annual Computer Software and Applications Conference (COMPSAC)
By Carlos E. Rubio-Medrano, Gail-Joon Ahn, Karsten Sohr
Issue Date:July 2013
pp. 21-26
Ensuring the correctness of high-level security properties including access control policies in mission-critical applications is indispensable. Recent literature has shown how immaturity of such properties has caused serious security vulnerabilities, which...
 
Injecting RBAC to secure a Web-based workflow system
Found in: Proceedings of the fifth ACM workshop on Role-based access control (RBAC '00)
By Gail-Joon Ahn, Joon Park, Myong Kang, Ravi Sandhu
Issue Date:July 2000
pp. 1-10
Web-based workflow systems have recently received much attention because they can support dynamic business processes over heterogeneous computing systems. Most existing web-based workflow systems, however, provide minimal security services such as authenti...
     
Detecting and resolving privacy conflicts for collaborative data sharing in online social networks
Found in: Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC '11)
By Gail-Joon Ahn, Hongxin Hu, Jan Jorgensen
Issue Date:December 2011
pp. 103-112
We have seen tremendous growth in online social networks (OSNs) in recent years. These OSNs not only offer attractive means for virtual social interactions and information sharing, but also raise a number of security and privacy issues. Although OSNs allow...
     
Anomaly discovery and resolution in web access control policies
Found in: Proceedings of the 16th ACM symposium on Access control models and technologies (SACMAT '11)
By Gail-Joon Ahn, Hongxin Hu, Ketan Kulkarni
Issue Date:June 2011
pp. 165-174
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unautho...
     
Dynamic audit services for integrity verification of outsourced storages in clouds
Found in: Proceedings of the 2011 ACM Symposium on Applied Computing (SAC '11)
By Gail-Joon Ahn, Hongxin Hu, Huaixi Wang, Stephen S. Yau, Yan Zhu, Zexing Hu
Issue Date:March 2011
pp. 1550-1557
In this paper, we propose a dynamic audit service for verifying the integrity of an untrusted and outsourced storage. Our audit service is constructed based on the techniques, fragment structure, random sampling and index-hash table, supporting provable up...
     
FAME: a firewall anomaly management environment
Found in: Proceedings of the 3rd ACM workshop on Assurable and usable security configuration (SafeConfig '10)
By Gail-Joon Ahn, Hongxin Hu, Ketan Kulkarni
Issue Date:October 2010
pp. 17-26
Firewalls are a widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the fir...
     
Efficient provable data possession for hybrid clouds
Found in: Proceedings of the 17th ACM conference on Computer and communications security (CCS '10)
By Gail-Joon Ahn, Hongxin Hu, Huaixi Wang, Stephen S. Yau, Yan Zhu, Zexing Hu
Issue Date:October 2010
pp. 756-758
Provable data possession is a technique for ensuring the integrity of data in outsourcing storage service. In this paper, we propose a cooperative provable data possession scheme in hybrid clouds to support scalability of service and data migration, in whi...
     
Cryptographic role-based security mechanisms based on role-key hierarchy
Found in: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS '10)
By Gail-Joon Ahn, Hongxin Hu, Huaixi Wang, Yan Zhu
Issue Date:April 2010
pp. 314-319
Even though role-based access control (RBAC) can tremendously help us minimize the complexity in administering users, it is still needed to realize the notion of roles at the resource level. In this paper, we propose a practical cryptographic RBAC model, c...
     
Patient-centric authorization framework for sharing electronic health records
Found in: Proceedings of the 14th ACM symposium on Access control models and technologies (SACMAT '09)
By Gail-Joon Ahn, Hongxin Hu, Jing Jin, Michael J. Covington, Xinwen Zhang
Issue Date:June 2009
pp. 1-22
In modern healthcare environments, a fundamental requirement for achieving continuity of care is the seamless access to distributed patient health records in an integrated and unified manner, directly at the point of care. However, Electronic Health Record...
     
Visualization based policy analysis: case study in SELinux
Found in: Proceedings of the 13th ACM symposium on Access control models and technologies (SACMAT '08)
By Gail-Joon Ahn, Mohamed Shehab, Wenjuan Xu
Issue Date:June 2008
pp. 1-1
Determining whether a given policy meets a site's high-level security goals can be difficult, due to the low-level nature and complexity of the policy language, and the multiple policy violation patterns. In this paper, we propose a visualization-based pol...
     
Towards realizing a formal RBAC model in real systems
Found in: Proceedings of the 12th ACM symposium on Access control models and technologies (SACMAT '07)
By Gail-Joon Ahn, Hongxin Hu
Issue Date:June 2007
pp. 215-224
There still exists an open question on how formal models can be fully realized in the system development phase. The Model Driven Development (MDD) approach has been recently introduced to deal with such a critical issue for building high assurance software...
     
Managing heterogeneous network environments using an extensible policy framework
Found in: Proceedings of the 2nd ACM symposium on Information, computer and communications security (ASIACCS '07)
By Gail-Joon Ahn, Lawrence Teo
Issue Date:March 2007
pp. 362-364
Security policy management is critical to meet organizational needs and reduce potential risks because almost every organization depends on computer networks and the Internet for their daily operations. It is therefore important to specify and enforce secu...
     
Guest editorial: Special issue on access control models and technologies
Found in: ACM Transactions on Information and System Security (TISSEC)
By Gail-Joon Ahn
Issue Date:February 2007
pp. 1-es
We study algorithmic problems that are motivated by bandwidth trading in next-generation networks. Typically, bandwidth trading involves sellers (e.g., network operators) interested in selling bandwidth pipes that offer to buyers a guaranteed level of serv...
     
Role-based access management for ad-hoc collaborative sharing
Found in: Proceedings of the eleventh ACM symposium on Access control models and technologies (SACMAT '06)
By Gail-Joon Ahn, Jing Jin
Issue Date:June 2006
pp. 200-209
Under scientific collaborations, resource sharing tends to be highly dynamic and often ad hoc. The dynamic characteristics and sharing patterns of ad-hoc collaborative sharing impose a need for comprehensive and flexible approaches to reflect and cope with...
     
Building problem domain ontology from security requirements in regulatory documents
Found in: Proceedings of the 2006 international workshop on Software engineering for secure systems (SESS '06)
By Deepak Yavagal, Divya Muthurajan, Gail-Joon Ahn, Robin Gandhi, Seok-Won Lee
Issue Date:May 2006
pp. 43-50
Establishing secure systems assurance based on Certification and Accreditation (C&A) activities, requires effective ways to understand the enforced security requirements, gather relevant evidences, perceive related risks in the operational environment, and...
     