Abstract: Through the analysis of the process digital design
based on digital mockup, the fact indicates that a distributed
cooperative supporting environment is the foundation conditions to
adopt design approach based on DMU. Data access authorization is
concerned firstly because the value and sensitivity of the data for the
enterprise. The access control for administrators is often rather weak
other than business user. So authors established an enhanced system to
avoid the administrators accessing the engineering data by potential
approach and without authorization. Thus the data security is
improved.
Abstract: Data Warehousing tools have become very popular and currently many of them have moved to Web-based user interfaces to make it easier to access and use the tools. The next step is to enable these tools to be used within a portal framework. The portal framework consists of pages having several small windows that contain individual data warehouse query results. There are several issues that need to be considered when designing the architecture for a portal enabled data warehouse query tool. Some issues need special techniques that can overcome the limitations that are imposed by the nature of data warehouse queries. Issues such as single sign-on, query result caching and sharing, customization, scheduling and authorization need to be considered. This paper discusses such issues and suggests an architecture to support data warehouse queries within Web portal frameworks.
Abstract: Efforts to secure supervisory control and data acquisition
(SCADA) systems must be supported under the guidance of
sound security policies and mechanisms to enforce them. Critical
elements of the policy must be systematically translated into a format
that can be used by policy enforcement components. Ideally, the
goal is to ensure that the enforced policy is a close reflection of
the specified policy. However, security controls commonly used to
enforce policies in the IT environment were not designed to satisfy
the specific needs of the SCADA environment. This paper presents
a language, based on the well-known XACML framework, for the
expression of authorization policies for SCADA systems.
Abstract: In this paper, we design an integration security system
that provides authentication service, authorization service, and
management service of security data and a unified interface for the
management service. The interface is originated from XKMS protocol
and is used to manage security data such as XACML policies, SAML
assertions and other authentication security data including public keys.
The system includes security services such as authentication,
authorization and delegation of authentication by employing SAML
and XACML based on security data such as authentication data,
attributes information, assertions and polices managed with the
interface in the system. It also has SAML producer that issues
assertions related on the result of the authentication and the
authorization services.
Abstract: This paper is to investigate the impplementation of security
mechanism in object oriented database system. Formal methods
plays an essential role in computer security due to its powerful expressiveness
and concise syntax and semantics. In this paper, both issues
of specification and implementation in database security environment
will be considered; and the database security is achieved through
the development of an efficient implementation of the specification
without compromising its originality and expressiveness.
Abstract: As privacy becomes a major concern for consumers
and enterprises, many research have been focused on the privacy
protecting technology in recent years. In this paper, we present a
comprehensive approach for usage access control based on the notion
purpose. In our model, purpose information associated with a given
data element specifies the intended use of the subjects and objects in
the usage access control model. A key feature of our model is that it
allows when an access is required, the access purpose is checked
against the intended purposes for the data item. We propose an
approach to represent purpose information to support access control
based on purpose information. Our proposed solution relies on usage
access control (UAC) models as well as the components which based
on the notions of the purpose information used in subjects and
objects. Finally, comparisons with related works are analyzed.
Abstract: Can biometrics do what everyone is expecting it will?
And more importantly, should it be doing it? Biometrics is the
buzzword “on the mouth" of everyone, who are trying to use this
technology in a variety of applications. But all this “hype" about
biometrics can be dangerous without a careful evaluation of the real
needs of each application. In this paper I-ll try to focus on the
dangers of using the right technology at the right time in the wrong
place.
Abstract: Centrally controlled authentication and authorization services can provide enterprise with an increase in security, more flexible access control solutions and an increased users' trust. By using redirections, users of all Web-based applications within an organization are authenticated at a single well known and secure Web site and using secure communication protocol. Users are first authenticated at the central server using their domain wide credentials before being redirected to a particular Web-based application. The central authentication server will then provide others with pertinence authorization related particulars and credentials of the authenticated user to the specific application. The trust between the clients and the server hosts is established by secure session keys exchange. Case- studies are provided to demonstrate the usefulness and flexibility of the proposed solution.