936 results for mandatory access control framework


Relevance: 100.00%

Publisher:

Abstract:

In this paper we introduce a novel design for a translational medical research ecosystem. Translational medical research is an emerging field of work, which aims to bridge the gap between basic medical science research and clinical research/patient care. We analyze the key challenges of digital ecosystems for translational research, based on real world scenarios posed by the Lab for Translational Research at the Harvard Medical School and the Genomics Research Centre of the Griffith University, and show how traditional IT approaches fail to fulfill these challenges. We then introduce our design for a translational research ecosystem. Several key contributions are made: A novel approach to managing ad-hoc research ecosystems is introduced; a new security approach for translational research is proposed which allows each participating site to retain control over its data and define its own policies to ensure legal and ethical compliance; and a design for a novel interactive access control framework which allows users to easily share data, while adhering to their organization's policies is presented.

Abstract:

The information stored in XML documents needs to be protected by access control policies. Existing access control models for XML documents are based on discretionary access control policies or on role-based access control. High-assurance systems require mandatory access control to guarantee the security of the information within the system. This paper first extends the XML document model so that it carries label information, and gives the rules that the extended document model must satisfy. Then, by discussing four operations on XML documents, it describes in detail a fine-grained mandatory access control model for XML documents. The model is based on XML Schema technology, and its control granularity reaches the element or attribute level within a document. Finally, the architecture of the model and some implementation mechanisms are discussed.
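The abstract above does not show its labelled document model or its four operations, so the following is an added illustration rather than the paper's code. It assumes a hypothetical convention in which any element may carry a sec:label attribute (an unlabelled element inherits its parent's label, the root defaults to "public"), a linear order of labels, and the document-model rule that a child's label never falls below its parent's. Read, update, insert and delete are then checked at element granularity under Bell-LaPadula style rules (no read-up, no write-down); the sample record, namespace and label names are constructed for the example.

```python
"""Element-level mandatory access control over a labelled XML document.

Added illustration, not code from the paper: the label namespace, the
inheritance convention and the monotonicity rule (a child's label never
falls below its parent's) are assumptions made for this example.
"""
import copy
import xml.etree.ElementTree as ET

SEC_NS = "urn:example:sec"                 # hypothetical label namespace
LABEL = "{%s}label" % SEC_NS
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}

# Constructed sample record with mixed labels.
SAMPLE_XML = """<record xmlns:sec="urn:example:sec" sec:label="public">
  <name>A. Patient</name>
  <diagnosis sec:label="confidential">
    <code>E11</code>
    <notes sec:label="secret">trial participant</notes>
  </diagnosis>
  <billing sec:label="internal"><plan>basic</plan></billing>
</record>"""


def _resolve_labels(elem, inherited):
    """Make every element's label explicit and enforce the monotonicity rule."""
    label = elem.get(LABEL, inherited)
    if LEVELS[label] < LEVELS[inherited]:
        raise ValueError(f"<{elem.tag}> labelled {label} below its parent")
    elem.set(LABEL, label)
    for child in elem:
        _resolve_labels(child, label)


def load_labelled(xml_text, default="public"):
    root = ET.fromstring(xml_text)
    _resolve_labels(root, default)
    return root


def can_read(clearance, elem):
    return LEVELS[clearance] >= LEVELS[elem.get(LABEL)]     # no read-up


def can_modify(clearance, elem):
    return LEVELS[clearance] <= LEVELS[elem.get(LABEL)]     # no write-down


def readable_view(root, clearance):
    """Copy of the document with every unreadable element (and its subtree)
    removed; a hidden parent hides its children."""
    if not can_read(clearance, root):
        return None
    view = copy.deepcopy(root)
    _prune(view, clearance)
    return view


def _prune(elem, clearance):
    for child in list(elem):
        if can_read(clearance, child):
            _prune(child, clearance)
        else:
            elem.remove(child)


def visible_tags(root, clearance):
    view = readable_view(root, clearance)
    return [] if view is None else [e.tag for e in view.iter()]


def update_text(root, clearance, path, text):
    elem = root.find(path)
    if elem is None or not can_modify(clearance, elem):
        return False
    elem.text = text
    return True


def insert_element(root, clearance, parent_path, tag, label):
    parent = root.find(parent_path)
    if parent is None or not can_modify(clearance, parent):
        return False
    if LEVELS[label] < LEVELS[parent.get(LABEL)]:
        return False                       # would violate the monotonicity rule
    ET.SubElement(parent, tag).set(LABEL, label)
    return True


def delete_element(root, clearance, parent_path, tag):
    parent = root.find(parent_path)
    child = None if parent is None else parent.find(tag)
    if child is None or not can_modify(clearance, child):
        return False
    parent.remove(child)
    return True
```

The pruning step is what makes the check fine-grained: an "internal" reader gets the record with the billing subtree but never sees that a diagnosis element exists, while a "confidential" reader sees the diagnosis but not the secret note inside it. Modifications follow the no-write-down direction, so a higher-cleared subject cannot rewrite or delete lower-labelled content through the same interface.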

Abstract:

Mandatory access control (MAC) can effectively prevent users from intentionally or unintentionally compromising system security, and can effectively prevent viruses and Trojans from compromising system security while acting under a user's identity; it is the main protective measure in operating systems with high security requirements. Research on operating-system MAC started early in the field. However, in the face of rapidly changing application scenarios and the rapid development of computer systems and of operating-system technology itself, existing research on operating-system MAC is not sufficient to balance security, usability and flexibility. These shortcomings are concentrated in three points: 1) the MAC mechanisms currently in wide use are, by design, hard to make satisfy the requirements of practical systems for both security and usability; 2) the design of MAC lacks consideration of the distributed, networked environment in which operating systems operate; 3) the assurance technology for developing operating-system MAC needs further study.

To address these problems, this thesis starts from the design and assurance of MAC, studies the key technologies of operating-system MAC, and obtains results in the following areas.

First: the lattice policy model of MAC has a simple mechanism and easily verified security, and is widely applied in secure operating systems and security-enhanced operating systems. However, strict enforcement of lattice policies brings usability problems. For the confidentiality and integrity lattice MAC policy models, this thesis gives, respectively, a monitorable-object framework and a Clark-Wilson trusted-subject privilege-state-transition monitoring framework. These frameworks have fine descriptive granularity, good extensibility and simplicity; we give mathematical descriptions of them and a theoretical proof for the integrity lattice model with the Clark-Wilson trusted-subject privilege-state-transition monitoring framework.

Second: for distributed application environments, a distributed operating-system MAC scheme based on trusted computing technology and Domain and Type Enforcement (DTE) policy is proposed. We prove the security of the policy theoretically. Compared with similar work at home and abroad, the scheme has fine access control granularity and is the best in terms of simplicity of system verification and flexibility of deployment.

Third: the security of medium- and high-assurance secure operating systems that enforce MAC needs to be guaranteed by the rigor of formal methods. Following the requirements of TCSEC level B2, this thesis uses the Z/EVES formal tool to provide formal assurance for the SECIMOS secure operating system: a formal specification of the security model is given, security invariants and security theorems are stated, the security theorems are proved, and the consistency between the formal security model and the top-level design is described.

Fourth: the operating-system MAC framework is the foundation on which MAC mechanisms are implemented in an operating system. This thesis proposes an automatic test-case generation scheme for operating-system MAC frameworks. Using compiler-assisted insertion of audit code, constraint-solver-assisted generation of scrambled parameters, and test-case reduction, the scheme generates an effective regression test suite for the FreeBSD MAC framework, and also provides a solid implementation basis for the NFSARK series of secure operating systems built on the FreeBSD MAC framework.

The results of this thesis take a solid step toward the goal of fully solving the problems currently encountered in the design, implementation and assurance of operating-system MAC in China.

Abstract:

Commercial applications need to enforce integrity policies. The Biba model provides a simple multilevel integrity control scheme, but trusted subjects must be introduced to keep its enforcement usable. The Clark-Wilson model provides complete integrity protection through monitorable state transitions, but its complexity hinders a full implementation of the model. The proposed model is based on the Biba strict integrity policy, and at the same time enforces the Biba low-water-mark policy according to the state a trusted subject is in during its life cycle. The state transitions that a trusted subject undergoes during its life cycle, and the corresponding adjustments of the low-water-mark parameters, are monitored using the Clark-Wilson model. While effectively solving the usability problem of the Biba policy and the configuration and runtime burden that the excessive monitoring of the Clark-Wilson model places on the system, the scheme inherits the advantages of both. The fused policy scheme is proved to be feasible and secure.
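The fused policy is only sketched in the abstract, so the following is an added illustration of the two Biba variants it builds on, not the paper's own model. It puts strict integrity (no read-down, no write-up) beside the low-water-mark rule for a trusted subject, whose level sinks when it reads a lower-integrity object; the Clark-Wilson side is reduced to a deliberately simplified monitor in which a trusted subject's level may change only through a certified transition. Level names, subjects, objects and the certified table are constructed for the example.

```python
"""Biba strict integrity beside the low-water-mark rule for trusted subjects.

Added illustration, not the paper's model: the TransitionMonitor is a
simplified, Clark-Wilson-flavoured stand-in that permits only certified
(subject, from, to, procedure) transitions; names and levels are made up.
"""
from dataclasses import dataclass

INTEGRITY = {"low": 0, "medium": 1, "high": 2}


@dataclass
class Subject:
    name: str
    level: str
    trusted: bool = False        # trusted subjects run under low-water-mark


@dataclass
class Obj:
    name: str
    level: str


def dominates(a, b):
    """True when integrity level a is at least integrity level b."""
    return INTEGRITY[a] >= INTEGRITY[b]


class TransitionMonitor:
    """Records every attempted level change of a trusted subject and permits
    only those listed as certified (subject, from, to, procedure) tuples."""

    def __init__(self, certified):
        self.certified = set(certified)
        self.audit = []

    def transition(self, subject, new_level, procedure):
        key = (subject.name, subject.level, new_level, procedure)
        ok = key in self.certified
        self.audit.append((key, ok))
        if ok:
            subject.level = new_level
        return ok


def read(subject, obj, monitor=None):
    """Strict Biba forbids reading down. Under low-water-mark a trusted subject
    may read down, but its own level sinks to the object's; here that
    downgrade must itself be a certified transition."""
    if dominates(obj.level, subject.level):
        return True                       # reading up or at level is always fine
    if not subject.trusted or monitor is None:
        return False                      # strict integrity: no read-down
    return monitor.transition(subject, obj.level, "read_down")


def write(subject, obj):
    """No write-up in either variant: the subject must dominate the object."""
    return dominates(subject.level, obj.level)


def run_scenario():
    """Constructed scenario: a trusted installer touches a low-integrity
    download, loses the right to write system configuration, and regains it
    only through the certified signature-verification step."""
    editor = Subject("editor", "high")
    installer = Subject("installer", "high", trusted=True)
    download = Obj("download", "low")
    config = Obj("system_config", "high")
    monitor = TransitionMonitor({
        ("installer", "high", "low", "read_down"),
        ("installer", "low", "high", "verify_signature"),
    })
    trace = {}
    trace["editor_reads_download"] = read(editor, download, monitor)
    trace["editor_writes_config"] = write(editor, config)
    trace["installer_reads_download"] = read(installer, download, monitor)
    trace["installer_level_after_read"] = installer.level
    trace["installer_writes_config_contaminated"] = write(installer, config)
    trace["uncertified_restore"] = monitor.transition(installer, "high", "reboot")
    trace["certified_restore"] = monitor.transition(installer, "high", "verify_signature")
    trace["installer_writes_config_restored"] = write(installer, config)
    trace["audit_entries"] = len(monitor.audit)
    return trace


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The point the scenario makes is the usability trade-off the abstract describes: the untrusted editor is simply refused the read-down, while the trusted installer is allowed to proceed but is demoted, and every demotion or restoration leaves an audit record because it has to pass through the monitor.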

Abstract:

With today's prevalence of Internet-connected systems storing sensitive data and the omnipresent threat of technically skilled malicious users, computer security remains a critically important field. Because of today's multitude of vulnerable systems and security threats, it is vital that computer science students be taught techniques for programming secure systems, especially since many of them will work on systems with sensitive data after graduation. Teaching computer science students proper design, implementation, and maintenance of secure systems is a challenging task that calls for the use of novel pedagogical tools. This report describes the implementation of a compiler that converts mandatory access control specifications written in the Domain-Type Enforcement Language to the Java Security Manager, primarily for pedagogical purposes. The implementation of the Java Security Manager was explored in depth, and various techniques to work around its inherent limitations were explored and partially implemented, although some of these workarounds do not appear in the current version of the compiler because they would have compromised cross-platform compatibility. The current version of the compiler and the implementation details of the Java Security Manager are discussed in depth.
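Both this abstract and the thesis abstract two entries above rely on Domain and Type Enforcement, but neither shows a policy or how one is evaluated. The following is an added illustration, not code from either work: a small DTE policy evaluator with a simplified DTEL-like syntax made up for the example. Files get a type by longest-prefix path assignment, domains hold rights on types, and a process changes domain only by executing the entry point of a domain to which an "auto" transition is declared. The policy text, type names, domain names and paths are all constructed.

```python
"""Domain and Type Enforcement (DTE) policy evaluator.

Added illustration; the DTEL-like grammar below is a simplification made
up for this example and the policy text is constructed, not taken from
either work the abstracts describe.
"""
import re
from dataclasses import dataclass, field

POLICY = """
type unix_t, specs_t, budget_t, log_t;
domain system_d = (/sbin/init), (rwxdc->unix_t), (rwxdc->log_t), (auto->login_d);
domain login_d = (/bin/login), (rx->unix_t), (auto->engineer_d);
domain engineer_d = (/bin/sh), (rx->unix_t), (rwxd->specs_t), (r->budget_t), (w->log_t);
initial_domain = system_d;
assign -r unix_t /;
assign -r specs_t /projects/specs;
assign -r budget_t /projects/budget;
assign -r log_t /var/log;
"""


@dataclass
class Domain:
    name: str
    entry: str = ""
    access: dict = field(default_factory=dict)       # type -> set(rights)
    transitions: dict = field(default_factory=dict)  # domain -> "auto" | "exec"


@dataclass
class Policy:
    types: set
    domains: dict
    initial: str
    assigns: list                                    # (path prefix, type)


def parse_policy(text):
    types, domains, assigns, initial = set(), {}, [], None
    for stmt in (s.strip() for s in text.split(";")):
        if not stmt:
            continue
        if stmt.startswith("type "):
            types.update(t.strip() for t in stmt[5:].split(","))
        elif stmt.startswith("domain "):
            name, _, body = stmt[7:].partition("=")
            dom = Domain(name.strip())
            for item in re.findall(r"\(([^)]*)\)", body):
                if item.startswith("/"):
                    dom.entry = item                 # entry point program
                    continue
                rights, _, target = item.partition("->")
                if rights in ("auto", "exec"):
                    dom.transitions[target] = rights
                else:
                    dom.access.setdefault(target, set()).update(rights)
            domains[dom.name] = dom
        elif stmt.startswith("initial_domain"):
            initial = stmt.partition("=")[2].strip()
        elif stmt.startswith("assign "):
            _, _flag, typ, path = stmt.split()
            assigns.append((path, typ))
        else:
            raise ValueError("unknown statement: " + stmt)
    # Referential checks: rights target declared types, transitions target
    # declared domains, and the initial domain exists.
    for dom in domains.values():
        if set(dom.access) - types:
            raise ValueError(f"{dom.name}: unknown type in access list")
        if set(dom.transitions) - set(domains):
            raise ValueError(f"{dom.name}: transition to unknown domain")
    if initial not in domains:
        raise ValueError("initial_domain is not a declared domain")
    return Policy(types, domains, initial, assigns)


def path_type(policy, path):
    """The longest matching assigned prefix decides the type of a path."""
    best = None
    for prefix, typ in policy.assigns:
        if path == prefix or path.startswith(prefix.rstrip("/") + "/"):
            if best is None or len(prefix) > len(best[0]):
                best = (prefix, typ)
    return best[1] if best else None


def allowed(policy, domain, right, path):
    typ = path_type(policy, path)
    return typ is not None and right in policy.domains[domain].access.get(typ, set())


def exec_transition(policy, domain, path):
    """Domain after `domain` executes `path`: None if it may not execute the
    file, the target domain if the file is that domain's entry point and an
    auto transition is declared, otherwise the same domain."""
    if not allowed(policy, domain, "x", path):
        return None
    for target, mode in policy.domains[domain].transitions.items():
        if mode == "auto" and policy.domains[target].entry == path:
            return target
    return domain
```

Two properties worth noticing in the constructed policy: engineer_d has only w on log_t, so it can append to logs it cannot read back, and the only way into engineer_d is through login_d executing /bin/sh, which is what confines a user shell regardless of which user account runs it.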

Abstract:

Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the point-of-care could possibly lead to a fatality. The U.S. Institute of Medicine has reported that between 44,000 and 98,000 people die each year due to medical errors, such as incorrect medication dosages, due to poor legibility in manual records, or delays in consolidating needed information to discern the proper intervention. In this research we propose employing emergent technologies such as Java SIM Cards (JSC), Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHR). A partial EHR contained within a JSC can be used at the point-of-care in order to help quick diagnosis of a patient's problems. The full EHR can be accessed from an Electronic Health Records Centre (EHRC) when time and network availability permit. Moreover, this framework and related protocols enable patients to give their explicit consent to a doctor to access their personal medical data, by using their Smart Phone, when the doctor needs to see or update the patient's medical information during an examination. Also, our proposed solution would give patients the power to modify the Access Control List (ACL) related to their EHRs and to view their EHRs through their Smart Phone. Currently, very limited research has been done on using JSCs and similar technologies as a portable repository of EHRs or on the specific security issues that are likely to arise when JSCs are used with ubiquitous access to EHRs. Previous research is concerned with using Medicare cards, a kind of Smart Card, as a repository of medical information at the patient point-of-care. However, this imposes some limitations on the patient's emergency medical care, including the inability to detect the patient's location, to call and send information to an emergency room automatically, and to interact with the patient in order to get consent. The aim of our framework and related protocols is to overcome these limitations by taking advantage of the SIM card and the technologies mentioned above. Briefly, our framework and related protocols will offer the full benefits of accessing an up-to-date, precise, and comprehensive medical history of a patient, whilst its mobility will provide ubiquitous access to medical and patient information everywhere it is needed. The objective of our framework and related protocols is to automate interactions between patients, healthcare providers and insurance organisations, increase patient safety, improve quality of care, and reduce costs.

Abstract:

Shared eHealth records systems offer promising benefits for improving healthcare through high availability of information and improved decision making; however, their uptake has been hindered by concerns over the privacy of patient information. To address these privacy concerns while balancing the requirements of healthcare professionals to have access to the information they need to provide appropriate care, the use of an Information Accountability Framework (IAF) has been proposed. For the IAF and so called Accountable-eHealth systems to become a reality, the framework must provide for a diverse range of users and use cases. The initial IAF model did not provide for more diverse use cases including the need for certain users to delegate access to another user in the system to act on their behalf while maintaining accountability. In this paper, we define the requirements for delegation of access in the IAF, how such access policies would be represented in the Framework, and implement and validate an expanded IAF model.

Abstract:

Policy-based network management (PBNM) paradigms provide an effective tool for end-to-end resource management in converged next generation networks by enabling unified, adaptive and scalable solutions that integrate and co-ordinate diverse resource management mechanisms associated with heterogeneous access technologies. In our project, a PBNM framework for end-to-end QoS management in converged networks is being developed. The framework consists of distributed functional entities managed within a policy-based infrastructure to provide QoS and resource management in converged networks. Within any QoS control framework, an effective admission control scheme is essential for maintaining the QoS of flows present in the network. Measurement-based admission control (MBAC) and parameter-based admission control (PBAC) are two commonly used approaches. This paper presents the implementation and analysis of various measurement-based admission control schemes developed within a Java-based prototype of our policy-based framework. The evaluation is made with real traffic flows on a Linux-based experimental testbed where the current prototype is deployed. Our results show that, unlike classic MBAC-only or PBAC-only schemes, a hybrid approach that combines both methods can simultaneously result in improved admission control and network utilization efficiency.

Abstract:

Densely deployed WiFi networks will play a crucial role in providing the capacity for the next generation mobile internet. However, due to increasing interference, overlapped channels in WiFi networks and throughput efficiency degradation, densely deployed WiFi networks are not a guarantee of higher throughput. An emergent challenge is how to efficiently utilize scarce spectrum resources by matching physical layer resources to traffic demand. In this respect, access control allocation strategies play a pivotal role but remain too coarse-grained. As a solution, this research proposes a flexible framework for fine-grained channel width adaptation and multi-channel access in WiFi networks. This approach, named SFCA (Sub-carrier Fine-grained Channel Access), adopts DOFDM (Discontinuous Orthogonal Frequency Division Multiplexing) at the PHY layer. It allocates the frequency resource with a sub-carrier granularity, which facilitates channel width adaptation for multi-channel access and thus brings more flexibility and higher frequency efficiency. The MAC layer uses a frequency-time domain backoff scheme, which combines the popular time-domain BEB scheme with a frequency-domain backoff to decrease access collisions, resulting in a higher access probability for the contending nodes. SFCA is compared with FICA (an established access scheme) and is shown to outperform it significantly. Finally we present results for next generation 802.11ac WiFi networks.

Abstract:

Dedicated short-range communications (DSRC) are a promising vehicle communication technique for collaborative road safety applications (CSA). However, road safety applications require highly reliable and timely wireless communications, which present big challenges to DSRC-based vehicle networks in effective and robust quality of service (QoS) provisioning due to the random channel access method applied in the DSRC technique. In this paper we examine the QoS control problem for CSA in DSRC-based vehicle networks and present an overview of the research work towards the QoS control problem. After an analysis of the system application requirements and the DSRC vehicle network features, we propose a framework for cooperative and adaptive QoS control, which is believed to be a key to the success of DSRC in supporting effective collaborative road safety applications. A core design in the proposed QoS control framework is that network feedback and cross-layer design are employed to collaboratively achieve the targeted QoS. A design example of a cooperative and adaptive rate control scheme is implemented and evaluated, with the objective of illustrating the key ideas in the framework. Simulation results demonstrate the effectiveness of the proposed rate control schemes in providing a highly available and reliable channel for emergency safety messages. © 2013 Wenyang Guan et al.

Abstract:

Unified enterprise application security is a new emerging approach for providing protection against application-level attacks. The conventional application security approach, which consists of embedding security into each critical application, leads towards scattered security mechanisms that are not only difficult to manage but also create security loopholes. According to the CSI/FBI computer crime survey report, almost 80% of security breaches come from authorized users. In this paper, we have worked on the concept of a unified security model, which manages all security aspects from a single security window. The basic idea is to keep business functionality separate from the security components of the application. Our main focus was on the design of a framework for a unified layer which supports a single point of policy control, a centralized logging mechanism, granular, context-aware access control, and independence from any underlying authentication technology and authorization policy.

Abstract:

Computer resource allocation represents a significant challenge, particularly for multiprocessor systems, which consist of shared computing resources to be allocated among co-runner processes and threads. While an efficient resource allocation would result in a highly efficient and stable overall multiprocessor system and individual thread performance, ineffective resource allocation causes significant performance bottlenecks even for a system with high computing resources. This thesis proposes a cache aware adaptive closed loop scheduling framework as an efficient resource allocation strategy for the highly dynamic resource management problem, which requires instant estimation of highly uncertain and unpredictable resource patterns. Many different approaches to this highly dynamic resource allocation problem have been developed, but neither the dynamic nature nor the time-varying and uncertain characteristics of the resource allocation problem are well considered. These approaches employ either static or dynamic optimization methods or advanced scheduling algorithms such as the Proportional Fair (PFair) scheduling algorithm. Some of these approaches, which consider the dynamic nature of multiprocessor systems, apply only a basic closed loop system; hence, they fail to take the time-varying nature and uncertainty of the system into account. Therefore, further research into multiprocessor resource allocation is required. Our closed loop cache aware adaptive scheduling framework takes the resource availability and the resource usage patterns into account by measuring time-varying factors such as cache miss counts, stalls and instruction counts. More specifically, the cache usage pattern of the thread is identified using the QR recursive least squares (RLS) algorithm and cache miss count time series statistics. For the identified cache resource dynamics, our closed loop cache aware adaptive scheduling framework enforces instruction fairness for the threads.
Fairness in the context of our research project is defined as resource allocation equity, which reduces co-runner thread dependence in a shared resource environment. In this way, instruction count degradation due to shared cache resource conflicts is overcome. In this respect, our closed loop cache aware adaptive scheduling framework contributes to the research field in two major and three minor aspects. The two major contributions lead to the cache aware scheduling system. The first major contribution is the development of the execution fairness algorithm, which degrades the co-runner cache impact on thread performance. The second contribution is the development of relevant mathematical models, such as thread execution pattern and cache access pattern models, which in fact formulate the execution fairness algorithm in terms of mathematical quantities. Following the development of the cache aware scheduling system, our adaptive self-tuning control framework is constructed to add an adaptive closed loop aspect to the cache aware scheduling system. This control framework in fact consists of two main components: the parameter estimator and the controller design module. The first minor contribution is the development of the parameter estimators; the QR recursive least squares (RLS) algorithm is applied in our closed loop cache aware adaptive scheduling framework to estimate the highly uncertain and time-varying cache resource patterns of threads. The second minor contribution is the design of a controller design module; the algebraic controller design algorithm, pole placement, is utilized to design the relevant controller, which is able to provide the desired time-varying control action. The adaptive self-tuning control framework and the cache aware scheduling system in fact constitute our final framework, the closed loop cache aware adaptive scheduling framework.
The third minor contribution is to validate the efficiency of this cache aware adaptive closed loop scheduling framework in overcoming co-runner cache dependency. The time-series statistical counters are developed for the M-Sim Multi-Core Simulator, and the theoretical findings and mathematical formulations are applied as MATLAB m-file software codes. In this way, the overall framework is tested and the experiment outcomes are analyzed. According to our experiment outcomes, it is concluded that our closed loop cache aware adaptive scheduling framework successfully drives the co-runner cache dependent thread instruction count to the co-runner independent instruction count with an error margin of up to 25% in case the cache is highly utilized. In addition, the thread cache access pattern is also estimated with 75% accuracy.

Abstract:

It is not uncommon for enterprises today to be faced with the demand to integrate and incorporate many different and possibly heterogeneous systems, which are generally independently designed and developed, to allow seamless access. In effect, the integration of these systems results in one large whole system that must be able, at the same time, to maintain local autonomy and to continue working as an independent entity. This problem has introduced a new distributed architecture called federated systems. The most challenging issue in federated systems is to find answers to the question of how to efficiently cooperate while preserving their autonomous characteristics, especially security autonomy. This thesis intends to address this issue. The thesis reviews the evolution of the concept of federated systems and discusses the organisational characteristics as well as the remaining security issues with the existing approaches. The thesis examines how delegation can be used as a means to achieve better security, especially authorisation, while maintaining autonomy for the participating members of the federation. A delegation taxonomy is proposed as one of the main contributions. The major contribution of this thesis is to study and design a mechanism to support delegation within and between multiple security domains with constraint management capability. A novel delegation framework is proposed including two modules: a Delegation Constraint Management module and a Policy Management module. The first module is designed to effectively create, track and manage delegation constraints, especially for delegation processes which require re-delegation (indirect delegation). The first module employs two algorithms to trace the root authority of a delegation constraint chain and to prevent potential conflicts when creating a delegation constraint chain if necessary. The first module is designed for conflict prevention, not conflict resolution.
The second module is designed to support the first module via its policy comparison capability. The major function of this module is to provide the delegation framework with the capability to compare policies and constraints (written in the format of a policy). The module is an extension of Lin et al.'s work on policy filtering and policy analysis. Throughout the thesis, some case studies are used as examples to illustrate the discussed concepts. These two modules are designed to capture one of the most important aspects of the delegation process: the relationships between the delegation transactions and the involved constraints, which are not very well addressed by the existing approaches. This contribution is significant because the relationships provide information to keep track of and enforce the involved delegation constraints and, therefore, play a vital role in maintaining and enforcing security for transactions across multiple security domains.

Abstract:

A building information model (BIM) is an electronic repository of structured, three-dimensional data that captures both the physical and dynamic functional characteristics of a facility. In addition to its more traditional function as a tool to aid design and construction, a BIM can be used throughout the life cycle of a facility, functioning as a living database that places resources contained within the building in their spatial and temporal context. Through its comprehension of spatial relationships, a BIM can meaningfully represent and integrate previously isolated control and management systems and processes, and thereby provide a more intuitive interface to users. By placing processes in a spatial context, decision-making can be improved, with positive flow-on effects for security and efficiency. In this article, we systematically analyse the authorization requirements involved in the use of BIMs. We introduce the concept of using a BIM as a graphical tool to support spatial access control configuration and management (including physical access control). We also consider authorization requirements for regulating access to the structured data that exists within a BIM as well as to external systems and data repositories that can be accessed via the BIM interface. With a view to addressing these requirements we present a survey of relevant spatiotemporal access control models, focusing on features applicable to BIMs and highlighting capability gaps. Finally, we present a conceptual authorization framework that utilizes BIMs.