Search For:

Displaying 1-45 out of 45 total
Optimal Boolean Matrix Decomposition: Application to Role Engineering
Found in: Data Engineering, International Conference on
By Haibing Lu, Jaideep Vaidya, Vijayalakshmi Atluri
Issue Date:April 2008
pp. 297-306
A decomposition of a binary matrix into two matrices gives a set of basis vectors and their appropriate combination to form the original matrix. Such decomposition solutions are useful in a number of application domains including text mining, role engineer...
 
Achieving Stricter Correctness Requirements in Multilevel Secure Databases
Found in: Security and Privacy, IEEE Symposium on
By Vijayalakshmi Atluri, Elisa Bertino, Sushil Jajodia
Issue Date:May 1993
pp. 135
<p>Although high assurance multilevel secure (MLS) database management systems (DBMSS) are slowly becoming commercially available, these systems are yet to offer a concurrency control protocol that is free of signaling channels and guarantees seriali...
 
Ensuring Privacy and Security for LBS through Trajectory Partitioning
Found in: Mobile Data Management, IEEE International Conference on
By Heechang Shin, Jaideep Vaidya, Vijayalakshmi Atluri, Sungyong Choi
Issue Date:May 2010
pp. 224-226
The concept of location k-anonymity has been proposed to address the privacy issue of location based services (LBS). Under this notion of anonymity, the adversary only has the knowledge that the LBS request originates from a region containing at least k pe...
 
Extended Boolean Matrix Decomposition
Found in: Data Mining, IEEE International Conference on
By Haibing Lu, Jaideep Vaidya, Vijayalakshmi Atluri, Yuan Hong
Issue Date:December 2009
pp. 317-326
With the vast increase in collection and storage of data, the problem of data summarization is most critical for effective data management. Since much of this data is categorical in nature, it can be viewed in terms of a Boolean matrix. Boolean matrix deco...
 
The Role Hierarchy Mining Problem: Discovery of Optimal Role Hierarchies
Found in: Computer Security Applications Conference, Annual
By Qi Guo, Jaideep Vaidya, Vijayalakshmi Atluri
Issue Date:December 2008
pp. 237-246
Role hierarchies are fundamental to the role based access control (RBAC) model. The notion of role hierarchy is a well understood concept that allows senior roles to inherit the permissions of the corresponding junior roles. Role hierarchies further ease t...
 
Role Engineering via Prioritized Subset Enumeration
Found in: IEEE Transactions on Dependable and Secure Computing
By Jaideep Vaidya, Vijayalakshmi Atluri, Janice Warner, Qi Guo
Issue Date:July 2010
pp. 300-314
Today, role-based access control (RBAC) has become a well-accepted paradigm for implementing access control because of its convenience and ease of administration. However, in order to realize the full benefits of the RBAC paradigm, one must first define th...
 
Random Walks to Identify Anomalous Free-Form Spatial Scan Windows
Found in: IEEE Transactions on Knowledge and Data Engineering
By Vandana P. Janeja, Vijayalakshmi Atluri
Issue Date:October 2008
pp. 1378-1392
Often, it is required to identify anomalous windows reflecting unusual rate of occurrence of a specific event of interest. Spatial scan statistic approach moves scan window over the region and computes the statistic of a parameter(s) of interest, and ident...
 
A Profile Anonymization Model for Privacy in a Personalized Location Based Service Environment
Found in: Mobile Data Management, IEEE International Conference on
By Heechang Shin, Vijayalakshmi Atluri, Jaideep Vaidya
Issue Date:April 2008
pp. 73-80
Location based services (LBS) aim at delivering point of need information. Personalization and customization of such services, based on the profiles of mobile users, would ignificantly increase the value of these services. Since profiles may include sensit...
 
FS³: A Random Walk Based Free-Form Spatial Scan Statistic for Anomalous Window Detection
Found in: Data Mining, IEEE International Conference on
By Vandana P. Janeja, Vijayalakshmi Atluri
Issue Date:November 2005
pp. 661-664
Often, it is required to identify anomalous windows over a spatial region that reflect unusual rate of occurrence of a specific event of interest. A spatial scan statistic essentially considers a scan window, and identifies anomalous windows by moving the ...
 
A Clickstream-Based Collaborative Filtering Recommendation Model for E-Commerce
Found in: E-Commerce Technology, IEEE International Conference on
By Dong-Ho Kim, Il Im, Vijayalakshmi Atluri
Issue Date:July 2005
pp. 84-91
In recent years, clickstream-based collaborative filtering (CCF) recommendation models have received much attention mainly due to their scalability. The common CCF recommendation models are Markov modesl, sequential association rules, association rules, an...
 
Color Time Petri Net for Interactive Adaptive Multimedia Objects
Found in: Multi-Media Modeling Conference, International
By Ahmed Gomaa, Nabil Adam, Vijayalakshmi Atluri
Issue Date:January 2005
pp. 147-157
A composite multimedia object (cmo) is comprised of different media components such as text, video, audio and image, with a variety of constraints that must be adhered to. The constraints are 1) rendering relationships that comprise the temporal and spatia...
 
An Authorization Model for Geospatial Data
Found in: IEEE Transactions on Dependable and Secure Computing
By Vijayalakshmi Atluri, Soon Ae Chun
Issue Date:October 2004
pp. 238-254
The advent of commercial observation satellites in the new millennium provides unprecedented access to timely information, as they produce images of the Earth with the sharpness and quality previously available only from US, Russian, and French military sa...
 
Policy-Based Web Service Composition
Found in: Research Issues in Data Engineering, International Workshop on
By Soon Ae Chun, Vijayalakshmi Atluri, Nabil R. Adam
Issue Date:March 2004
pp. 85-92
With the proliferation of Web technologies, the need to deliver services via the Web has increased tremendously. More and more, customers now demand one-stop service that calls for multiple services crossing organizational boundaries, which are required to...
 
A Dynamic Manifestation Approach for Providing Universal Access to Digital Library Objects
Found in: IEEE Transactions on Knowledge and Data Engineering
By Nabil R. Adam, Vijayalakshmi Atluri, Igg Adiwijaya, Sujata Banerjee, Richard Holowczak
Issue Date:July 2001
pp. 705-716
<p><b>Abstract</b>—<it>Digital libraries</it> are concerned with the creation and management of information sources, the movement of information across global networks, and the effective use of this information by a wide range...
 
Transaction Processing in Multilevel Secure Databases with Kernelized Architecture: Challenges and Solutions
Found in: IEEE Transactions on Knowledge and Data Engineering
By Vijayalakshmi Atluri, Sushil Jajodia, Elisa Bertino
Issue Date:September 1997
pp. 697-708
<p><b>Abstract</b>—Multilevel security poses many challenging problems for transaction processing. The challenges are due to the conflicting requirements imposed by confidentiality, integrity, and availability—the three components of secu...
 
Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Databases
Found in: IEEE Transactions on Knowledge and Data Engineering
By Vijayalakshmi Atluri, Sushil Jajodia, Elisa Bertino
Issue Date:October 1996
pp. 839-854
<p><b>Abstract</b>—This paper investigates issues related to transaction concurrency control in multilevel secure databases. It demonstrates how the conflicts between the correctness requirements and the secrecy requirements can be reconc...
 
The Partitioned Synchronization Rule for Planar Extendible Partial Orders
Found in: IEEE Transactions on Knowledge and Data Engineering
By Paul Ammann, Vijayalakshmi Atluri, Sushil Jajodia
Issue Date:October 1995
pp. 797-808
<p><it>Abstract</it>—The partitioned synchronization rule is a technique for proving the correctness of concurrency control algorithms. Prior work has shown the applicability of the partitioned synchronization rule to hierarchically decom...
 
The role mining problem: A formal perspective
Found in: ACM Transactions on Information and System Security (TISSEC)
By Jaideep Vaidya, Qi Guo, Qi Guo, Vijayalakshmi Atluri, Vijayalakshmi Atluri
Issue Date:July 2010
pp. 1-31
Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role-based access control. A key problem related to this is the notion of goodness/interestingness—when is a role good...
     
Meeting Cardinality Constraints in Role Mining
Found in: IEEE Transactions on Dependable and Secure Computing
By Pullamsetty Harika,Marreddy Nagajyothi,John C. John,Shamik Sural,Jaideep Vaidya,Vijayalakshmi Atluri
Issue Date:March 2014
pp. 1
Role mining is a critical step for organizations that migrate from traditional access control mechanisms to Role Based Access Control (RBAC). Additional constraints may be imposed while generating roles from a given user-permission assignment relation. In ...
 
Constraint-Aware Role Mining via Extended Boolean Matrix Decomposition
Found in: IEEE Transactions on Dependable and Secure Computing
By Haibing Lu,Jaideep Vaidya,Vijayalakshmi Atluri,Yuan Hong
Issue Date:September 2012
pp. 655-669
The role mining problem has received considerable attention recently. Among the many solutions proposed, the Boolean matrix decomposition (BMD) formulation has stood out, which essentially discovers roles by decomposing the binary matrix representing user-...
 
Modeling and Evaluation of Redesigning Methodologies for Distributed Workflows
Found in: Modeling, Analysis, and Simulation of Computer Systems, International Symposium on
By Vijayalakshmi Atluri, Ravi Mukkamala
Issue Date:September 2000
pp. 248
Workflow management systems (WFMS) support the modeling and coordinated execution of processes within an organization. T o coordinate the execution of the various activities (or tasks) in a workflow, task dependencies are specified among them. Often, the w...
 
Community based emergency response
Found in: Proceedings of the 14th Annual International Conference on Digital Government Research (dg.o '13)
By Basit Shafiq, David Lorenzi, Jaideep Vaidya, Nabil Adam, Soon Chun, Varuna Naik, Vijayalakshmi Atluri
Issue Date:June 2013
pp. 82-91
This paper explores the idea of government emergency response and disaster management through the lens of popular social media services. One of the traditional challenges to effective emergency response and disaster management is communication between the ...
     
Using QR codes for enhancing the scope of digital government services
Found in: Proceedings of the 13th Annual International Conference on Digital Government Research (dg.o '12)
By Basit Shafiq, David Lorenzi, Ghulam Nabi, Jaideep Vaidya, Soon Chun, Vijayalakshmi Atluri
Issue Date:June 2012
pp. 21-29
Digital government is universally gaining acceptance as the public becomes more technologically advanced. The government must embrace new technology to minimize costs and maximize utility of services to the taxpayer. While administrative services have been...
     
Effective anonymization of query logs
Found in: Proceeding of the 18th ACM conference on Information and knowledge management (CIKM '09)
By Jaideep Vaidya, Nabil Adam, Vijayalakshmi Atluri, Xiaoyun He, Yuan Hong
Issue Date:November 2009
pp. 1465-1468
User search query logs have proven to be very useful, but have vast potential for misuse. Several incidents have shown that simple removal of identifiers is insufficient to protect the identity of users. Publishing such inadequately anonymized data can cau...
     
Towards formal security analysis of GTRBAC using timed automata
Found in: Proceedings of the 14th ACM symposium on Access control models and technologies (SACMAT '09)
By Samrat Mondal, Shamik Sural, Vijayalakshmi Atluri
Issue Date:June 2009
pp. 1-22
An access control system is often viewed as a state transition system. Given a set of access control policies, a general safety requirement in such a system is to determine whether a desirable property is satisfied in all the reachable states. Such an anal...
     
An efficient online auditing approach to limit private data disclosure
Found in: Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology (EDBT '09)
By Haibing Lu, Jaideep Vaidya, Vijayalakshmi Atluri, Yingjiu Li
Issue Date:March 2009
pp. 94-104
In a database system, disclosure of confidential private data may occur if users can put together the answers of past queries. Traditional access control mechanisms cannot guard against such breaches to private data. Online auditing techniques have been ad...
     
Migrating to optimal RBAC with minimal perturbation
Found in: Proceedings of the 13th ACM symposium on Access control models and technologies (SACMAT '08)
By Jaideep Vaidya, Nabil Adam, Qi Guo, Vijayalakshmi Atluri
Issue Date:June 2008
pp. 1-1
Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role based access control. A key problem related to this is the notion of goodness - when is a set of roles good? Recently, ...
     
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Found in: Proceedings of the 12th ACM symposium on Access control models and technologies (SACMAT '07)
By Jaideep Vaidya, Janice Warner, Ravi Mukkamala, Vijayalakshmi Atluri
Issue Date:June 2007
pp. 235-244
In a dynamic coalition environment, organizations should be able to exercise their own local fine-grained access control policies while sharing resources with external entities. In this paper, we propose an approach that exploits the semantics associated w...
     
The role mining problem: finding a minimal descriptive set of roles
Found in: Proceedings of the 12th ACM symposium on Access control models and technologies (SACMAT '07)
By Jaideep Vaidya, Qi Guo, Vijayalakshmi Atluri
Issue Date:June 2007
pp. 175-184
Devising a complete and correct set of roles has been recognized as one of the most important and challenging tasks in implementing role based access control. A key problem related to this is the notion of goodness/interestingness -- when is a role good/in...
     
RoleMiner: mining roles using subset enumeration
Found in: Proceedings of the 13th ACM conference on Computer and communications security (CCS '06)
By Jaideep Vaidya, Janice Warner, Vijayalakshmi Atluri
Issue Date:October 2006
pp. 144-153
Role engineering, the task of defining roles and associating permissions to them, is essential to realize the full benefits of the role-based access control paradigm. Essentially, there are two basic approaches to accomplish this: the top-down and the bott...
     
Inter-instance authorization constraints for secure workflow management
Found in: Proceedings of the eleventh ACM symposium on Access control models and technologies (SACMAT '06)
By Janice Warner, Vijayalakshmi Atluri
Issue Date:June 2006
pp. 190-199
Work flows model and control the execution of business process in an organization. They are typically comprised of tasks or logical steps in the business process. To mitigate the ability of insiders to commit fraud, care should be taken that people authori...
     
Secure interoperation for effective data mining in border control and homeland security applications
Found in: Proceedings of the 2006 national conference on Digital government research (dg.o '06)
By Janice Warner, Nabil R. Adam, Rey Koslowski, Robert Grossman, Vandana P. Janeja, Vijayalakshmi Atluri
Issue Date:May 2006
pp. 124-125
Our NSF funded project aims at providing decision makers with the ability to extract and fuse information from multiple, hetertgeneous sources in response to a query while operating under a decentralized security administration. Our motivation comes from U...
     
Semantically enhanced enforcement of mobile consumer's privacy preferences
Found in: Proceedings of the 2006 ACM symposium on Applied computing (SAC '06)
By Mahmoud Youssef, Nabil R. Adam, Vijayalakshmi Atluri
Issue Date:April 2006
pp. 1172-1176
In such applications as location-based advertising, merchants use consumers' information to send them personalized advertisements. These applications provide convenience to consumers and competitive advantage to merchants. However, the improper use of cons...
     
Privacy-preserving semantic interoperation and access control of heterogeneous databases
Found in: Proceedings of the 2006 ACM Symposium on Information, computer and communications security (ASIACCS '06)
By Chi-Chun Pan, Peng Liu, Prasenjit Mitra, Vijayalakshmi Atluri
Issue Date:March 2006
pp. 66-77
Today, many applications require users from one organization to access data belonging to organizations. While traditional solutions offered for the federated and mediated databases facilitate this by sharing metadata, this may not be acceptable for certain...
     
Supporting conditional delegation in secure workflow management systems
Found in: Proceedings of the tenth ACM symposium on Access control models and technologies (SACMAT '05)
By Janice Warner, Vijayalakshmi Atluri
Issue Date:June 2005
pp. 49-58
Workflows model and control the execution of business processes in an organization. A workflow typically comprises of a set of coordinated activities, known as tasks. Typically, organizations establish a set of security policies, that regulate how the busi...
     
Preserving mobile customer privacy: an access control system for moving objects and customer profiles
Found in: Proceedings of the 6th international conference on Mobile data management (MEM '05)
By Mahmoud Youssef, Nabil R. Adam, Vijayalakshmi Atluri
Issue Date:May 2005
pp. 67-76
A key challenge for Mobile services is to offer personalized contents while preserving the privacy of customers. In mobile applications, location information is modeled as moving objects. Providing proper protection to customer information can be achieved ...
     
LS3: a <u>L</u>inear <u>S</u>emantic <u>S</u>can <u>S</u>tatistic technique for detecting anomalous windows
Found in: Proceedings of the 2005 ACM symposium on Applied computing (SAC '05)
By Vandana Pursnani Janeja, Vijayalakshmi Atluri
Issue Date:March 2005
pp. 493-497
Often, it is required to identify anomalous windows along a linear path that reflect unusual rate of occurrence of a specific event of interest. Such examples include: determination of places with high number of occurrences of road accidents along a highwa...
     
A clickstream-based collaborative filtering personalization model: towards a better performance
Found in: Proceedings of the 6th annual ACM international workshop on Web information and data management (WIDM '04)
By Dong-Ho Kim, Michael Bieber, Nabil Adam, Vijayalakshmi Atluri, Yelena Yesha
Issue Date:November 2004
pp. 88-95
In recent years, clickstream-based Web personalization models for collaborative filtering recommendation have received much attention mainly due to their scalability [10,16,19]. The common personalization models are the Markov model, (sequential) associati...
     
Customized geospatial workflows for e-government services
Found in: Proceedings of the ninth ACM international symposium on Advances in geographic information systems (GIS '01)
By Francisco J. Artigas, Richard D. Holowczak, Soon Ae Chun, Vijayalakshmi Atluri
Issue Date:November 2001
pp. 64-69
The past decade has experienced a phenomenal growth in the electronic delivery of business services. This has led to an elevation in the expectations of citizens for fast and efficient delivery of governmental services. Recently, workflow systems have gain...
     
A Chinese wall security model for decentralized workflow systems
Found in: Proceedings of the 8th ACM conference on Computer and Communications Security (CCS '01)
By Pietro Mazzoleni, Soon Ae Chun, Vijayalakshmi Atluri
Issue Date:November 2001
pp. 48-57
Workflow systems are gaining importance as an infrastructure for automating inter-organizational interactions, such as those in Electronic Commerce. Execution of inter-organiz-ational workflows may raise a number of security issues including those related ...
     
An authorization model for temporal data
Found in: Proceedings of the 7th ACM conference on Computer and communications security (CCS '00)
By Avigdor Gal, Vijayalakshmi Atluri
Issue Date:November 2000
pp. 144-153
A fair exchange protocol allows two users to exchange items so that either each user gets the other's item or neither user does. In [2], verifiable encryption is introduced as a primitive that can be used to build extremely efficient fair exchange protocol...
     
SecureFlow: a secure Web-enabled workflow management system
Found in: Proceedings of the fourth ACM workshop on Role-based access control (RBAC '99)
By Vijayalakshmi Atluri, Wei-Kuang Huang
Issue Date:October 1999
pp. 83-94
The Edee architecture provides a mechanism for explicitly and uniformly capturing business occurrences, and provisions of contracts, policies, and law. Edee is able to reason about the interactions of intra-, inter-, and extra-organizational policy, and ex...
     
An authorization model for temporal and derived data: securing information portals
Found in: ACM Transactions on Information and System Security (TISSEC)
By Avigdor Gal, Vijayalakshmi Atluri
Issue Date:November 1998
pp. 62-94
The term information portals refers to Web sites that serve as main providers of focused information, gathered from distributed data sources. Gathering and disseminating information through information portals introduce new security challenges. In particul...
     
A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems
Found in: Proceedings of the second ACM workshop on Role-based access control (RBAC '97)
By Elena Ferrari, Elisa Bertino, Vijayalakshmi Atluri
Issue Date:November 1997
pp. 1-12
ARMI is a communication library that provides a framework for expressing fine-grain parallelism and mapping it to a particular machine using shared-memory and message passing library calls. The library is an advanced implementation of the RMI protocol and ...
     
SI in digital libraries
Found in: Communications of the ACM
By Igg Adiwijaya, Nabil R. Adam, Vijayalakshmi Atluri
Issue Date:January 1988
pp. 64-72
The online Risks Forum has long been a hotbed for discussions of the relative merits of openness relating to the dissemination of knowledge about security vulnerabilities. The debate has now been rekindled, and is summarized here.
     
 1