发布求助
文献互助 智能选刊 最新文献

Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks最新文献

筛选
英文 中文
Enforcing history-based security policies in mobile agent systems 在移动代理系统中实施基于历史的安全策略
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206977
Pedro Dias, Carlos Ribeiro, Paulo Ferreira
{"title":"Enforcing history-based security policies in mobile agent systems","authors":"Pedro Dias, Carlos Ribeiro, Paulo Ferreira","doi":"10.1109/POLICY.2003.1206977","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206977","url":null,"abstract":"The mobile agent paradigm used in modern distributed systems has revealed some new forms of common security threats, such as abusive resource consumption or illegitimate information flow between different and noncooperative entities. This problem is aggravated when an agent's host doesn't know anything about the agent's past activities, visited hosts and interactions with other agents. Thus, robust and efficient authorization platforms should be considered in order to avoid undesired actions from malicious agents. We present an authorization platform designed for a mobile agent system, MobileTrans, which supports the definition and enforcement of history-based security policies, allowing hosts to decide on the authorization of an agent's action upon its past behaviour.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130179824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Translating privacy practices into privacy promises - how to promise what you can keep 将隐私实践转化为隐私承诺——如何承诺你能做到的
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206967
G. Karjoth, M. Schunter, E. V. Herreweghen
{"title":"Translating privacy practices into privacy promises - how to promise what you can keep","authors":"G. Karjoth, M. Schunter, E. V. Herreweghen","doi":"10.1109/POLICY.2003.1206967","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206967","url":null,"abstract":"Enterprises advertise privacy promises using the W3C Platform for Privacy Preferences (P3P). These privacy promises define what recipients can obtain what collected data for what purpose. Internally, enterprises can use fine-grained privacy practices such as defined by the Platform for Enterprise Privacy Practices (E-P3P) to enforce privacy. These internal privacy policies should guarantee and enforce the promises made to the customers. Since privacy practices reflect business internals, they can change frequently. As a consequence, it can be challenging to keep the promises up-to-date with the actual practices. To enable up-to-date privacy promises, we describe a methodology for enterprises to promise what they can keep. This is done by automatically transforming E-P3P privacy practices into corresponding P3P privacy promises that reflect the actual enterprise-internal behavior. These P3P promises can then be published on a regular basis. Whenever the internal policies change, the P3P promises can easily be updated as well.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133796237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 51
Spatial policies for sentient mobile applications 感知移动应用程序的空间策略
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206968
Dave Scott, A. Beresford, A. Mycroft
{"title":"Spatial policies for sentient mobile applications","authors":"Dave Scott, A. Beresford, A. Mycroft","doi":"10.1109/POLICY.2003.1206968","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206968","url":null,"abstract":"Mobile applications are programs which are able to move themselves between hosts on the network. Sentient applications are programs which can exploit the existence of pervasive networked sensor devices to observe their environment and react accordingly. We believe that properly designed and constrained sentient mobile applications provide a good foundation for building applications for pervasive computing environments. The aims of this work are threefold: (i) motivate the use of sentient mobile applications in next-generation pervasive computing environments; (ii) describe the role of policy in building sentient mobile applications; (iii) demonstrate the need for policy to control sentient mobile applications once they have been deployed.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129661344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Policy-driven licensing model for component software 组件软件的策略驱动许可模型
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206976
Qian Zhao, Yu Zhou, M. Perry
{"title":"Policy-driven licensing model for component software","authors":"Qian Zhao, Yu Zhou, M. Perry","doi":"10.1109/POLICY.2003.1206976","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206976","url":null,"abstract":"Today, it is almost inevitable that software is licensed, rather than sold outright. As a part of the licensing policy, some protection mechanisms, whether hardware, legal or code-based, are invariably built into the license. The application of such mechanisms has primarily been in the realm of off-the-shelf, packaged, consumer software. However, as component-based software gradually becomes mainstream in software development, new component-oriented licensing systems are required. We propose an enterprise component licensing model for the management of software component licenses. The model provides a comprehensive license management framework allowing for extensibility and flexibility. Furthermore, we identify differences between standalone software and component software, describe a high level model for policy-driven component licensing, and discuss both the benefits and drawbacks of the enterprise component licensing model for the management of software component licenses.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131823382","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Chisel: a policy-driven, context-aware, dynamic adaptation framework 凿:一个策略驱动的、上下文感知的、动态的适应框架
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206953
J. Keeney, V. Cahill
{"title":"Chisel: a policy-driven, context-aware, dynamic adaptation framework","authors":"J. Keeney, V. Cahill","doi":"10.1109/POLICY.2003.1206953","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206953","url":null,"abstract":"We argue that the software user, the developer, the designer and indeed the application logic itself all possess invaluable intelligence to gear how software should adapt itself to changing requirements and changing context. We present Chisel, an open framework for dynamic adaptation of services using reflection in a policy-driven, context-aware manner. The system is based on decomposing the particular aspects of a service object that do not provide its core functionality into multiple possible behaviours. As the execution environment, user context and application context change, the service object will be adapted to use different behaviours, driven by a human-readable declarative adaptation policy script. To demonstrate this framework we will provide a dynamically adaptive middleware for mobile computing. The framework will allow users and applications to make mobile-aware dynamic changes to the behaviour of various services of the middleware, and allow the addition of new unanticipated behaviours at run-time, without changing or stopping the middleware or an application that may be using it. This is achieved by implementing the behaviours as metatypes in Iguana/J, which supports non-invasive dynamic associations of metatypes to service objects without any requirement to interrupt, change or access the object's source code.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130885368","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 189
Analyzing security-enhanced Linux policy specifications 分析安全增强的Linux策略规范
Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks Pub Date : 2003-06-04 DOI: 10.1109/POLICY.2003.1206969
M. Archer, Elizabeth I. Leonard, Matteo Pradella
{"title":"Analyzing security-enhanced Linux policy specifications","authors":"M. Archer, Elizabeth I. Leonard, Matteo Pradella","doi":"10.1109/POLICY.2003.1206969","DOIUrl":"https://doi.org/10.1109/POLICY.2003.1206969","url":null,"abstract":"NSA's security-enhanced (SE) Linux enhances Linux by providing a specification language for security policies and a flask-like architecture with a security server for enforcing policies defined in the language. It is natural for users to expect to be able to analyze the properties of a policy from its specification in the policy language. But this language is very low level, making the high level properties of a policy difficult to deduce by inspection. For this reason, tools to help users with the analysis are necessary. The NRL project on analyzing SE Linux policies aims first to use mechanized support to analyze an example policy specification and then to customize this support for use by practitioners in the open source software community. We describe the model policies in the analysis tool TAME, the kinds of analysis we can support, and prototype mechanical support to enable others to model their policies in TAME. We conclude with some general observations on desirable properties for a policy language.","PeriodicalId":391947,"journal":{"name":"Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131247480","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信