Search For:

Displaying 1-29 out of 29 total
Human Effects of Enhanced Privacy Management Models
Found in: IEEE Transactions on Dependable and Secure Computing
By Gorrell P. Cheek,Mohamed Shehab
Issue Date:March 2014
pp. 142-154
We enhance existing and introduce new social network privacy management models and we measure their human effects. First, we introduce a mechanism using proven clustering techniques that assists users in grouping their friends for traditional group-based p...
 
Access Control Policy Misconfiguration Detection in Online Social Networks
Found in: 2013 International Conference on Social Computing (SocialCom)
By Yousra Javed,Mohamed Shehab
Issue Date:September 2013
pp. 544-549
The ability to stay connected with friends online and share information, has accounted for the popularity of online social networking websites. However, the overwhelming task of access control policy management for information shared on these websites has ...
 
Secure Provenance Transmission for Streaming Data
Found in: IEEE Transactions on Knowledge and Data Engineering
By Salmin Sultana,Mohamed Shehab,Elisa Bertino
Issue Date:August 2013
pp. 1890-1903
Many application domains, such as real-time financial analysis, e-healthcare systems, sensor networks, are characterized by continuous data streaming from multiple sources and through intermediate processing by multiple aggregators. Keeping track of data p...
 
A Lightweight Secure Provenance Scheme for Wireless Sensor Networks
Found in: 2012 IEEE 18th International Conference on Parallel and Distributed Systems (ICPADS)
By Salmin Sultana,Gabriel Ghinita,Elisa Bertino,Mohamed Shehab
Issue Date:December 2012
pp. 101-108
Large-scale sensor networks are being deployed in numerous application domains, and often the data they collect are used in decision-making for critical infrastructures. Data are streamed from multiple sources through intermediate processing nodes that agg...
 
REM: A runtime browser extension manager with fine-grained access control
Found in: 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)
By Said M. Marouf,Mohamed Shehab,Adharsh Desikan
Issue Date:July 2012
pp. 231-232
In this paper we implement a runtime framework that monitors the accesses made by third party Chrome extensions, informs users of the accesses, & allows them to customize extension permissions. The custom permission settings are enforced by the framewo...
 
Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid
Found in: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
By Mohammad Ashiqur Rahman,Libin Bai,Mohamed Shehab,Ehab Al-Shaer
Issue Date:June 2012
pp. 279-286
The demand-side energy management is crucial to optimize the energy usage with its production cost, so that the price paid by the users is minimized, while it also satisfies the demand. The recent proposed solutions leverage the two- way communication infr...
 
Recommendation Models for Open Authorization
Found in: IEEE Transactions on Dependable and Secure Computing
By Mohamed Shehab,Said Marouf
Issue Date:July 2012
pp. 582-594
Major online platforms such as Facebook, Google, and Twitter allow third-party applications such as games, and productivity applications access to user online private data. Such accesses must be authorized by users at installation time. The Open Authorizat...
 
MasterBlaster: Identifying Influential Players in Botnet Transactions
Found in: Computer Software and Applications Conference, Annual International
By Napoleon C. Paxton,Gail-Joon Ahn,Mohamed Shehab
Issue Date:July 2011
pp. 413-419
Botnets continue to be a critical tool for hackers in exploiting vulnerabilities of systems and destructing computer networks. Botnet monitoring is a method used to study and identify malicious capabilities of a botnet, but current botnet monitoring projec...
 
iLayer: Toward an Application Access Control Framework for Content Management Systems
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Gorrell Cheek, Mohamed Shehab, Truong Ung, Ebonie Williams
Issue Date:June 2011
pp. 65-72
Content Management Systems (CMS) simplify the process of web content creation, publication, and management. Many CMS platforms are extensible via third party developed applications providing additional functionality such as search, site navigation, and loc...
 
A Provenance Based Mechanism to Identify Malicious Packet Dropping Adversaries in Sensor Networks
Found in: Distributed Computing Systems Workshops, International Conference on
By Salmin Sultana, Elisa Bertino, Mohamed Shehab
Issue Date:June 2011
pp. 332-338
Malicious packet dropping attack is a major security threat to the data traffic in the sensor network, since it reduces the legal network throughput and may hinder the propagation of sensitive data. Dealing with this attack is challenging since the unrelia...
 
Security and Privacy in Social Networks
Found in: IEEE Internet Computing
By Gail-Joon Ahn, Mohamed Shehab, Anna Squicciarini
Issue Date:May 2011
pp. 10-12
<p>Over the past several years, social networking sites have arisen to facilitate social interactions on the Internet while revolutionizing how online users interact with others. Most social networking sites offer the basic features of online interac...
 
Social-Networks Connect Services
Found in: Computer
By Moo Nam Ko, Gorrell P. Cheek, Mohamed Shehab, Ravi Sandhu
Issue Date:August 2010
pp. 37-43
New services such as Facebook Platform, Google Friend Connect, and MySpaceID let third-party sites develop social applications without having to build their own social network. These social-networks connect services increase access to and enrich user data ...
 
User Centric Policy Management in Online Social Networks
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Mohamed Shehab, Gorrell Cheek, Hakim Touati, Anna C. Squicciarini, Pau-Chen Cheng
Issue Date:July 2010
pp. 9-13
Online social networking sites are experiencing tremendous user growth with hundreds of millions of active users. As a result, there is a tremendous amount of user profile data online, e.g., name, birth date, etc. Protecting this data is a challenge. The t...
 
Adaptive Reordering and Clustering-Based Framework for Efficient XACML Policy Evaluation
Found in: IEEE Transactions on Services Computing
By Said Marouf,Mohamed Shehab,Anna Squicciarini,Smitha Sundareswaran
Issue Date:October 2011
pp. 300-313
The adoption of XACML as the standard for specifying access control policies for various applications, especially web services is vastly increasing. This calls for high performance XACML policy evaluation engines. A policy evaluation engine can easily beco...
 
Statistics & Clustering Based Framework for Efficient XACML Policy Evaluation
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Said Marouf, Mohamed Shehab, Anna Squicciarini, Smitha Sundareswaran
Issue Date:July 2009
pp. 118-125
The adoption of XACML as the standard for specifying access control policies for various applications, especially web services is vastly increasing. A policy evaluation engine can easily become a bottleneck when enforcing large policies. In this paper we p...
 
Proactive Role Discovery in Mediator-Free Environments
Found in: Peer-to-Peer Computing, IEEE International Conference on
By Mohamed Shehab, Elisa Bertino, Arif Ghafoor
Issue Date:September 2008
pp. 150-159
The rapid proliferation of Internet and related technologies has created tremendous possibilities for the interoperability between domains in distributed environments. Interoperability does not come easy at it opens the way for several security and privacy...
 
Secure Collaboration in a Mediator-Free Distributed Environment
Found in: IEEE Transactions on Parallel and Distributed Systems
By Mohamed Shehab, Arif Ghafoor, Elisa Bertino
Issue Date:October 2008
pp. 1338-1351
The internet and related technologies have made multidomain collaborations a reality. Collaboration enables domains to effectively share resources; however it introduces several security and privacy challenges. Managing security in the absence of a central...
 
Watermarking Relational Databases Using Optimization-Based Techniques
Found in: IEEE Transactions on Knowledge and Data Engineering
By Mohamed Shehab, Elisa Bertino, Arif Ghafoor
Issue Date:January 2008
pp. 116-129
Proving ownership rights on outsourced relational databases is a crucial issue in today internet-based application environment and in many content distribution applications. In this paper, we present a mechanism for proof of ownership based on the secure e...
 
Distributed Access Management in Multimedia IDCs
Found in: Computer
By Rafae Bhatti, Basit Shafiq, Mohamed Shehab, Arif Ghafoor
Issue Date:September 2005
pp. 60-69
Future Internet data centers that provide multimedia content will face security challenges requiring appropriately designed policies to manage resource access. An example from the healthcare domain shows how an access-management framework can address these...
 
A Lightweight Secure Scheme for Detecting Provenance Forgery and Packet Drop Attacks in Wireless Sensor Networks
Found in: IEEE Transactions on Dependable and Secure Computing
By Salmin Sultana,Gabriel Ghinita,Elisa Bertino,Mohamed Shehab
Issue Date:January 2014
pp. 1
Large-scale sensor networks are deployed in numerous application domains, and the data they collect are used in decision-making for critical infrastructures. Data are streamed from multiple sources through intermediate processing nodes that aggregate infor...
 
Towards trust-aware access management for ad-hoc collaborations
Found in: International Conference on Collaborative Computing: Networking, Applications and Worksharing
By Jing Jin, Gail-Joon Ahn, Mohamed Shehab, Hongxin Hu
Issue Date:November 2007
pp. 41-48
In an ad-hoc collaborative sharing environment, attribute-based access control provides a promising approach in defining authorization over shared resources based on users’ properties/attributes rather than their identities. While the user’s attributes are...
 
ROAuth: recommendation based open authorization
Found in: Proceedings of the Seventh Symposium on Usable Privacy and Security (SOUPS '11)
By Mohamed Shehab
Issue Date:July 2011
pp. 1-12
Many major online platforms such as Facebook, Google, and Twitter, provide an open Application Programming Interface which allows third party applications to access user resources. The Open Authorization protocol (OAuth) was introduced as a secure and effi...
     
A learning-based approach for SELinux policy optimization with type mining
Found in: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW '10)
By Doan Minh Phuong, Mohamed Shehab, Said Marouf
Issue Date:April 2010
pp. 1-4
One of the major steps towards enhancing the security of the Linux operating system was the introduction of Security Enhanced Linux (SELinux) [1], developed by the U.S. National Security Agency. SELinux is a kernel Linux Security Module (LSM) that adds Man...
     
Social applications: exploring a more secure framework
Found in: Proceedings of the 5th Symposium on Usable Privacy and Security (SOUPS '09)
By Andrew Besmer, Gorrell Cheek, Heather Richter Lipford, Mohamed Shehab
Issue Date:July 2009
pp. 1-32
Online social network sites, such as MySpace, Facebook and others have grown rapidly, with hundreds of millions of active users. A new feature on many sites is social applications -- applications and services written by third party developers that provide ...
     
Collective privacy management in social networks
Found in: Proceedings of the 18th international conference on World wide web (WWW '09)
By Anna Cinzia Squicciarini, Federica Paci, Mohamed Shehab
Issue Date:April 2009
pp. 66-66
Social Networking is one of the major technological phenomena of the Web 2.0, with hundreds of millions of people participating. Social networks enable a form of self expression for users, and help them to socialize and share content with other users. In s...
     
Visualization based policy analysis: case study in SELinux
Found in: Proceedings of the 13th ACM symposium on Access control models and technologies (SACMAT '08)
By Gail-Joon Ahn, Mohamed Shehab, Wenjuan Xu
Issue Date:June 2008
pp. 1-1
Determining whether a given policy meets a site's high-level security goals can be difficult, due to the low-level nature and complexity of the policy language, and the multiple policy violation patterns. In this paper, we propose a visualization-based pol...
     
Web services discovery in secure collaboration environments
Found in: ACM Transactions on Internet Technology (TOIT)
By Arif Ghafoor, Kamal Bhattacharya, Mohamed Shehab
Issue Date:November 2007
pp. 5-es
Multidomain application environments where distributed domains interoperate with each other is a reality in Web-services-based infrastructures. Collaboration enables domains to effectively share resources; however, it introduces several security and privac...
     
Secure collaboration in mediator-free environments
Found in: Proceedings of the 12th ACM conference on Computer and communications security (CCS '05)
By Arif Ghafoor, Elisa Bertino, Mohamed Shehab
Issue Date:November 2005
pp. 58-67
The internet and related technologies have made multidomain collaborations a reality. Collaboration enables domains to effectively share resources; however it introduces several security and privacy challenges. Managing security in the absence of a central...
     
SERAT: SEcure role mApping technique for decentralized secure interoperability
Found in: Proceedings of the tenth ACM symposium on Access control models and technologies (SACMAT '05)
By Arif Ghafoor, Elisa Bertino, Mohamed Shehab
Issue Date:June 2005
pp. 159-167
Multi-domain application environments where distributed domains interoperate with each other are becoming a reality in internet-based and web-services based enterprise applications. The secure interoperation in a multidomain environment is a challenging pr...
     
 1