By Topic

2011 Sixth International Conference on Availability, Reliability and Security

22-26 Aug. 2011

Filter Results

Displaying Results 1 - 25 of 132
  • [Front cover]

    Publication Year: 2011, Page(s): C1
    Request permission for commercial reuse | PDF file iconPDF (2105 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2011, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (14 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2011, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (64 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2011, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (107 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2011, Page(s):v - xiv
    Request permission for commercial reuse | PDF file iconPDF (183 KB)
    Freely Available from IEEE
  • Message from the ARES 2011 General Co-Chairs, Program Committee Co-Chairs, and Keynote Chairs

    Publication Year: 2011, Page(s):xv - xvi
    Request permission for commercial reuse | PDF file iconPDF (87 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the ARES 2011 Workshop Co-Chairs

    Publication Year: 2011, Page(s): xvii
    Request permission for commercial reuse | PDF file iconPDF (84 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the FARES 2011 Workshop Co-chairs

    Publication Year: 2011, Page(s): xviii
    Request permission for commercial reuse | PDF file iconPDF (88 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the DYADEM-FTS 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xix
    Request permission for commercial reuse | PDF file iconPDF (74 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the PBD 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xx
    Request permission for commercial reuse | PDF file iconPDF (67 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the RISI 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xxi
    Request permission for commercial reuse | PDF file iconPDF (77 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the SAPAIS 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xxii
    Request permission for commercial reuse | PDF file iconPDF (73 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the SECSE 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xxiii
    Request permission for commercial reuse | PDF file iconPDF (67 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the WSDF 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xxiv
    Request permission for commercial reuse | PDF file iconPDF (65 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the OSA 2011 Workshop Organizers

    Publication Year: 2011, Page(s): xxv
    Request permission for commercial reuse | PDF file iconPDF (67 KB) | HTML iconHTML
    Freely Available from IEEE
  • An Approach to Access Control under Uncertainty

    Publication Year: 2011, Page(s):1 - 8
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (224 KB) | HTML iconHTML

    In dynamic and uncertain environments such as healthcare, where the needs of security and information availability are difficult to balance, an access control approach based on a static policy will be suboptimal regardless of how comprehensive it is. The uncertainty stems from the unpredictability of users' operational needs as well as their private incentives to misuse permissions. In Role Based ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Support Access to Distributed EPRs with Three Levels of Identity Privacy Preservation

    Publication Year: 2011, Page(s):9 - 16
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (568 KB) | HTML iconHTML

    The emergence of e-health has put an enormous amount of sensitive data in the hands of service providers or other third parties, where privacy risks might exist when accessing sensitive data stored in electronic patient records (EPRs). EPRs support efficient access to patient data by multiple healthcare providers and third party users, which will consequently, improve patient care. However, the se... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Smatch Model: Extending RBAC Sessions in Virtualization Environment

    Publication Year: 2011, Page(s):17 - 26
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (473 KB) | HTML iconHTML

    This paper extends RBAC sessions with share ability, reusability and switch ability properties. We define the Smatch (Secure Management of switch) model in which authorized users can join, leave, reopen and reuse dynamic sessions. In Smatch, subjects can also share sessions and dynamically switch their role or function with other subjects from the same or die rent organizations. Subjects can authe... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • AW-RBAC: Access Control in Adaptive Workflow Systems

    Publication Year: 2011, Page(s):27 - 34
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (506 KB) | HTML iconHTML

    Flexibility is one of the key challenges for Workflow Systems nowadays. Typically, a workflow covers the following four aspects which might all be subject to change: control flow, data flow, organizational structures, and application components (services). Existing work in research and practice shows that changes must be applied in a controlled manner in order to avoid security problems. In this c... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Role Mining Process Model - Underlining the Need for a Comprehensive Research Perspective

    Publication Year: 2011, Page(s):35 - 42
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (554 KB) | HTML iconHTML

    Organizations that migrate from identity-centric to role-based Identity Management face the initial task of defining a valid set of roles for their employees. Due to its capabilities of automated and fast role detection, role mining as a solution for dealing with this challenge has gathered a rapid increase of interest in the academic community. Research activities throughout the last years result... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Biometric authentication as a service for enterprise identity management deployment: a data protection perspective

    Publication Year: 2011, Page(s):43 - 50
    Cited by:  Papers (8)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (413 KB) | HTML iconHTML

    Biometric Authentication as a Service is an innovative approach for strong authentication in web environments based on the Software as a Service model. However, both the adoption of SaaS systems and biometric technologies negatively correlate with perceived privacy and data protection risks. We specify a list of evaluation criteria for BioAaaS systems from a data protection point of view including... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Obfuscation-Based Approach against Injection Attacks

    Publication Year: 2011, Page(s):51 - 58
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (468 KB) | HTML iconHTML

    We present an obfuscation strategy to protect a program against injection attacks. The strategy represents the program as a set of code fragments in-between two consecutive system calls (the system blocks) and a graph that represents the execution order of the fragment (the system block graph). The system blocks and the system block graph are partitioned between two virtual machines (VMs). The Blo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using CVSS in Attack Graphs

    Publication Year: 2011, Page(s):59 - 66
    Cited by:  Papers (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (947 KB) | HTML iconHTML

    Derived from attack models, attack graphs are providing an efficient way to model attack scenarios intended against computer networks. Such graphs are using CVE database in which all known vulnerabilities are gathered. The CVSS framework is aiming to give numeric scores to each vulnerability recorded in the CVE database, which represent its characteristics and quantify its security impacts. In thi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Selecting Software Packages for Secure Database Installations

    Publication Year: 2011, Page(s):67 - 74
    Cited by:  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (321 KB) | HTML iconHTML

    Security is one of the biggest concerns of database administrators. Most marketed software products announce a variety of features and mechanisms designed to improve security. However, that same variety largely complicates the process of selecting the adequate set of software products (i.e., a software package) for a given installation. In this paper we propose an approach that can be used to fair... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Probabilistic Fault-tolerance of Distributed Services: A Paradigm for Dependable Applications

    Publication Year: 2011, Page(s):75 - 82
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (311 KB) | HTML iconHTML

    The paper deals with a study of probabilistic methods to manage the dependability of a networked distributed system, in the presence of inaccuracies and partial knowledge of system models pertaining to failures. A distributed networked system (DIS) that collects raw data from sensors deployed in the field and delivers a composite data to an end-user is faced with two types of uncertainties: at 'in... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.