Prior studies have shown that while ISPs are well positioned to provide residential and SME users critical protection from cybercrime, their incentives to do so are often insufficient. The presence of competition in providing broadband service is a factor we might expect to impact such...

From 1994-2009, forty-three states changed the design of their driver's license/state identification cards in an effort to reduce underage access to and consumption of alcohol and tobacco. In these states, individuals under the age of 21 are issued licenses that are vertically oriented, whereas...

Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computing, often require integrating access control policies of collaborating parties. Such an integration must be able to support complex authorization specifications and the fine-grained integration...

This paper presents a model for privacy preserving access control which is based on variety of purposes. Conditional purpose is applied along with allowed purpose and prohibited purpose in the model. It allows users using some data for certain purpose with conditions. The structure of...

<Para ID="Par2">In the paper, an integrated approach for the modeling and enforcement of delegation policies in process-aware information systems is presented. In particular, a delegation extension for process-related role-based access control (RBAC) models is specified. The extension is generic in the sense...</para>

Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users? access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer...

Knowledge sharing has been identified as a major focus area for knowledge management. Efforts are made with a view to identify the most effective ways to share knowledge, as a step towards improving organizational performance. In this striving, various factors have been identified as impediments...

Collaborative and distributed applications, such as dynamic coalitions and virtualized grid computing, often require integrating access control policies of collaborating parties. Such an integration must be able to support complex authorization specifications and the fine-grained integration...

Interoperation and services sharing among different systems are becoming new paradigms for enterprise collaboration. To keep ahead in strong competition environments, an enterprise should provide flexible and comprehensive services to partners and support active collaborations with partners and...

Delegation is a powerful mechanism to provide flexible and dynamic access control decisions. Delegation is particularly useful in federated environments where multiple systems, with their own security autonomy, are connected under one common federation. Although many delegation schemes have been...

In Role Based Access Control (RBAC), roles are typically created based on jobfunctions inside an organization. Traditional RBAC does not scale up well for modelingsecurity policies spanning multiple organizations. To solve this problem, a family ofextended RBAC models called Role and...

In dieser Arbeit werden die Mšglichkeiten sicherer Ausgliederung von Datenbanken und inhaltsbasiertem Routing an einen nicht voll vertrauenswŸrdigen Dienstanbieter betrachtet. Wir untersuchen die Grenzen der Sicherheit, die in diesem Szenario erreicht werden kšnnen. Sicherheit wird dabei...

More than 70% of global e-mail traffic consists of unsolicited and commercial direct marketing, also known as spam. Dealing with spam incurs high costs for organizations, prompting efforts to try to reduce spam-related costs by installing spam filters. Using modern econometric methods to reduce...

Trust negotiation is a promising approach for establishing trust in open systems, in which sensitive interactions may often occur between entities with no prior knowledge of each other. Although, to date several trust negotiation systems have been proposed, none of them fully address the problem...

Ongoing concerns have been raised over the effectiveness of information technology products and systems in maintaining privacy protection for sensitive data. The aim is to ensure that sensitive health information can be adequately protected yet still be accessible only to those that...