Security solution frames and security patterns for authorization in distributed, collaborative systems
暂无分享,去创建一个
[1] W. Keith Edwards,et al. Putting computing in context: An infrastructure to support extensible context-enhanced collaborative applications , 2005, TCHI.
[2] Eduardo B. Fernandez,et al. A Comprehensive Pattern-Driven Security Methodology for Distributed Systems , 2014, 2014 23rd Australian Software Engineering Conference.
[3] Robert O. Briggs,et al. Modifiers: Increasing Richness and Nuance of Design Pattern Languages , 2008, EuroPLoP.
[4] Jiang Liu,et al. Conflicts analysis and resolution for access control policies , 2010, 2010 IEEE International Conference on Information Theory and Information Security.
[5] Eduardo B. Fernandez,et al. Patterns for session-based access control , 2006, PLoP '06.
[6] Jie Wu,et al. Patterns for access control in distributed systems , 2007, PLOP '07.
[7] W. Keith Edwards,et al. Policies and roles in collaborative applications , 1996, CSCW '96.
[8] Mario Piattini,et al. Security patterns and requirements for internet-based applications , 2006, Internet Res..
[9] Jean Bacon,et al. Access Control in Distributed Systems , 2004 .
[10] Wouter Joosen,et al. A system of security patterns , 2006 .
[11] Svein J. Knapskog,et al. Proceedings of the 1st International Workshop on Security and Communication Networks (IWSCN 2009) , 2010 .
[12] Lingyu Wang,et al. Aspect-Oriented Modeling for Representing and Integrating Security Concerns in UML , 2010, SERA.
[13] Douglas R. Stinson,et al. On the Construction of Practical Key Predistribution Schemes for Distributed Sensor Networks Using Combinatorial Designs , 2008, TSEC.
[14] Anne-Marie Kermarrec,et al. XL peer-to-peer pub/sub systems , 2013, ACM Comput. Surv..
[15] Wolfgang Nejdl,et al. Rule-based Policy Specification , 2007, Secure Data Management in Decentralized Systems.
[16] Frank Buschmann,et al. Pattern-Oriented Software Architecture, a Pattern Language for Distributed Computing , 2007 .
[17] William J Buchanan. Distributed Systems and Networks , 2000 .
[18] Simon S. Lam,et al. A framework for distributed authorization , 1993, Conference on Computer and Communications Security.
[19] Sushil Jajodia,et al. Access Control Policies and Languages in Open Environments , 2007, Secure Data Management in Decentralized Systems.
[20] Jacques Klein,et al. Advances in Model-Driven Security , 2014, Adv. Comput..
[21] Min Xu,et al. A trusted decentralized access control framework for the client/server architecture , 2010, J. Netw. Comput. Appl..
[22] Joan Feigenbaum,et al. The Role of Trust Management in Distributed Systems Security , 2001, Secure Internet Programming.
[23] Hossein Saiedian,et al. Secure Software Engineering: Learning from the Past to Address Future Challenges , 2009, Inf. Secur. J. A Glob. Perspect..
[24] Markus Schumacher,et al. Security Engineering with Patterns , 2003, Lecture Notes in Computer Science.
[25] Peter Sommerlad,et al. Security Patterns: Integrating Security and Systems Engineering , 2006 .
[26] Gustavo Alonso,et al. Understanding replication in databases and distributed systems , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.
[27] Dieter Gollmann,et al. Computer Security , 1979, Lecture Notes in Computer Science.
[28] Jaehong Park,et al. The UCONABC usage control model , 2004, TSEC.
[29] Hannah K. Lee. Unraveling decentralized authorization for multi-domain collaborations , 2007, 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007).
[30] Hernán Astudillo,et al. Should we use tactics or patterns to build secure systems , 2012 .
[31] Bernard Pavard,et al. Design of cooperative systems in complex dynamic environments , 1995 .
[32] Peter Sommerlad,et al. Pattern-Oriented Software Architecture Volume 1: A System of Patterns , 1996 .
[33] B. F. Castro. Buschmann, Frank; Meunier, Regine; Rohnert, Hans; Sommerlad, Peter; Stal, Michael. Pattern-oriented software architecture: a system of patterns, John Wiley & Sons Ltd, 1996 , 1997 .
[34] Michiharu Kudo,et al. Access Control Policy Languages in XML , 2008, Handbook of Database Security.
[35] Paul Ashley,et al. Practical Intranet Security: Overview of the State of the Art and Available Technologies , 1999 .
[36] D. M. Hutton,et al. Process Patterns: Building Large‐Scale Systems Using Object Technology , 1999 .
[37] Eduardo Fernandez-Buglioni,et al. Security Patterns in Practice: Designing Secure Architectures Using Software Patterns , 2013 .
[38] James C. Browne,et al. On classifying access control implementations for distributed systems , 2006, SACMAT '06.
[39] Christian Damsgaard Jensen,et al. A unified security framework for networked applications , 2003, SAC '03.
[40] Ralph Johnson,et al. design patterns elements of reusable object oriented software , 2019 .
[41] Paulo S. C. Alencar,et al. A uniform approach for access control and business models with explicit rule realization , 2015, International Journal of Information Security.
[42] Jan Jürjens,et al. Rubacon: automated support for model-based compliance engineering , 2008, ICSE '08.
[43] Vijay Varadharajan,et al. Authorization in enterprise-wide distributed system: a practical design and application , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).
[44] Brian Henderson-Sellers,et al. Situational Method Engineering: State-of-the-Art Review , 2010, J. Univers. Comput. Sci..
[45] Ravi S. Sandhu,et al. Engineering authority and trust in cyberspace: the OM-AM and RBAC way , 2000, RBAC '00.
[46] David M. Eyers,et al. Access Control in Decentralised Publish/Subscribe Systems , 2007, J. Networks.
[47] Alan H. Karp,et al. Solving the Transitive Access Problem for the Services Oriented Architecture , 2010, 2010 International Conference on Availability, Reliability and Security.
[48] Rick Kazman,et al. A Methodology for Mining Security Tactics from Security Patterns , 2010, 2010 43rd Hawaii International Conference on System Sciences.
[49] Samuel Marchal,et al. Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets , 2015, 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS).
[50] Eduardo B. Fernández,et al. A comprehensive pattern-oriented approach to engineering security methodologies , 2015, Inf. Softw. Technol..
[51] Mourad Debbabi,et al. Security Design Patterns: Survey and Evaluation , 2006, 2006 Canadian Conference on Electrical and Computer Engineering.
[52] Raphael C.-W. Phan. Review of Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition by Ross J. Anderson , 2009, Cryptologia.
[53] Luis A. Guerrero,et al. A pattern system for the development of collaborative applications , 2001, Inf. Softw. Technol..
[54] Vipin Chaudhary,et al. History-based access control for mobile code , 1998, CCS '98.
[55] Steve Barker,et al. GPF: A General Policy Framework , 2011, 2011 IEEE International Symposium on Policies for Distributed Systems and Networks.
[56] Klaas Sikkel,et al. User-Oriented Authorization in Collaborative Environments , 1998 .
[57] Claudia-Lavinia Ignat,et al. A Contract-Extended Push-Pull-Clone Model for Multi-Synchronous Collaboration , 2012, Int. J. Cooperative Inf. Syst..
[58] Mario Piattini,et al. A UML 2.0 profile to define security requirements for Data Warehouses , 2009, Comput. Stand. Interfaces.
[59] Shihong Huang,et al. A set of courses for teaching secure software development , 2006, 19th Conference on Software Engineering Education and Training Workshops (CSEETW'06).
[60] Prasun Dewan,et al. Flexible meta access-control for collaborative applications , 1998, CSCW '98.
[61] Uwe van Heesch,et al. Combining Architectural Patterns and Software Technologies in one Design Language , 2012 .
[62] Mario Cannataro,et al. Protein-to-protein interactions: Technologies, databases, and algorithms , 2010, CSUR.
[63] Zora Konjovic,et al. PolicyDSL: Towards generic access control management based on a policy metamodel , 2013, 2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT).
[64] Fabio Martinelli,et al. Usage control in computer security: A survey , 2010, Comput. Sci. Rev..
[65] Patrick D. McDaniel,et al. On context in authorization policy , 2003, SACMAT '03.
[66] Simon Edward Parkin,et al. Architecting Dependable Access Control Systems for Multi-domain Computing Environments , 2008, WADS.
[67] Mario Piattini,et al. Systematic design of secure Mobile Grid systems , 2011, J. Netw. Comput. Appl..
[68] Fabio Massacci,et al. The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals , 2015, REFSQ.
[69] Stavros A. Koubias,et al. A dynamic context-aware access control architecture for e-services , 2006, Comput. Secur..
[70] Eduardo B. Fernández,et al. An authorization model for a shared data base , 1975, SIGMOD '75.
[71] Eduardo B. Fernandez,et al. The credentials pattern , 2006, PLoP '06.
[72] Vijay Karamcheti,et al. dRBAC: distributed role-based access control for dynamic coalition environments , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.
[73] Ravi S. Sandhu,et al. The PEI framework for application-centric security , 2009, 2009 Proceedings of the 1st International Workshop on Security and Communication Networks.
[74] A. Karp,et al. From ABAC to ZBAC : The Evolution of Access Control Models , 2009 .
[75] Ramesh Nagappan,et al. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management , 2005 .
[76] Simin Hall,et al. Fundamental features of a unified trust model for distributed systems , 2011, Proceedings of the 2011 IEEE National Aerospace and Electronics Conference (NAECON).
[77] Feike W. Dillema,et al. A Decentralized Authorization Architecture , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).
[78] Eduardo B. Fernández,et al. Secure Middleware Patterns , 2012, CSS.
[79] Ravi S. Sandhu,et al. Roles in information security - A survey and classification of the research area , 2011, Comput. Secur..
[80] Uwe Zdun,et al. Remoting patterns - foundations of enterprise, internet and realtime distributed object middleware , 2004, Wiley series in software design patterns.
[81] Paul Dourish,et al. Towards an architectural treatment of software security , 2005 .
[82] Philippe Lalanda Thomson. Shared repository pattern , 1998 .
[83] Eduardo B. Fernández,et al. Securing distributed systems using patterns: A survey , 2012, Comput. Secur..
[84] Yi Pan,et al. Trust and Security in Collaborative Computing , 2008, Computer and Network Security.
[85] Pascal Molli,et al. Building a collaborative peer-to-peer wiki system on a structured overlay , 2010, Comput. Networks.
[86] Denis Pinkas,et al. SESAME: The solution to security for open distributed systems , 1994, Comput. Commun..
[87] Vijayalakshmi Atluri,et al. The Policy Machine: A novel architecture and framework for access control policy specification and enforcement , 2011, J. Syst. Archit..
[88] Xiaoyang Sean Wang,et al. Authorization in trust management: Features and foundations , 2008, CSUR.
[89] Alan H. Karp,et al. Access control for the services oriented architecture , 2007, SWS '07.
[90] Claudio Gutierrez,et al. Survey of graph database models , 2008, CSUR.
[91] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .
[92] Jia-Guang Sun,et al. Task-activity based access control for process collaboration environments , 2009, Comput. Ind..
[93] Eduardo B. Fernández,et al. Decomposing Distributed Software Architectures for the Determination and Incorporation of Security and Other Non-functional Requirements , 2013, 2013 22nd Australian Software Engineering Conference.
[94] Michaël Rusinowitch,et al. Practical access control management for distributed collaborative editors , 2014, Pervasive Mob. Comput..
[95] Vijayalakshmi Atluri,et al. Symposium on Access Control Models and Technologies - SACMAT 2012 , 2012 .
[96] Antonio Maña,et al. Security Patterns, Towards a Further Level , 2009, SECRYPT.
[97] Ruth Breu,et al. Security engineering for service-oriented architectures , 2008 .
[98] Eduardo B. Fernández,et al. Engineering Security into Distributed Systems: A Survey of Methodologies , 2012, J. Univers. Comput. Sci..
[99] Klaus Renzel,et al. A pattern language , 2011 .
[100] Luis A. Guerrero,et al. Designing the Communications Infrastructure of Groupware Systems , 2002, CRIWG.
[101] Holger Schmidt. A pattern- and component-based method to develop secure software , 2010 .
[102] Selim G. Akl,et al. Adaptive Cryptographic Access Control , 2010, Advances in Information Security.
[103] Rogério de Lemos,et al. Architecting Dependable Systems VI , 2009, WADS.
[104] Sabrina De Capitani di Vimercati,et al. Access Control Policies, Models, and Mechanisms , 2011, Encyclopedia of Cryptography and Security.
[105] Marianne Winslett,et al. Automated Trust Negotiation in Open Systems , 2007, Secure Data Management in Decentralized Systems.
[106] Bill Whyte,et al. State of Practice in Secure Software: Experts’ Views on Best Ways Ahead , 2011 .
[107] Kamel Adi,et al. UACML: Unified Access Control Modeling Language , 2011, 2011 4th IFIP International Conference on New Technologies, Mobility and Security.
[108] Duncan A. Grove,et al. An Overview of the Annex System , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[109] Eduardo B. Fernández,et al. ASE: A comprehensive pattern-driven security methodology for distributed systems , 2014, Comput. Stand. Interfaces.
[110] Emil C. Lupu,et al. Conflicts in Policy-Based Distributed Systems Management , 1999, IEEE Trans. Software Eng..
[111] Ralph E. Johnson,et al. Growing a pattern language (for security) , 2012, Onward! 2012.
[112] Eduardo B. Fernandez,et al. Security patterns in practice : designing secure architectures using software patterns , 2013 .
[113] Vivy Suhendra. A Survey on Access Control Deployment , 2011, FGIT-SecTech.
[114] Dirk Riehle. Lessons Learned from Using Design Patterns in Industry Projects , 2011, Trans. Pattern Lang. Program..
[115] Walter F. Tichy,et al. Propagator: a family of patterns , 1997, Proceedings of TOOLS USA 97. International Conference on Technology of Object Oriented Systems and Languages.
[116] Gregory A. Koenig,et al. Clusters and security: distributed security for distributed systems , 2005, CCGrid 2005. IEEE International Symposium on Cluster Computing and the Grid, 2005..
[117] Sabrina De Capitani di Vimercati,et al. Recent Advances in Access Control , 2008, Handbook of Database Security.
[118] Eduardo B. Fernández,et al. A Pattern System for Access Control , 2004, DBSec.
[119] Marianne Winslett,et al. Traust: a trust negotiation-based authorization service for open systems , 2006, SACMAT '06.
[120] Daniel Mellado,et al. A systematic review of security requirements engineering , 2010, Comput. Stand. Interfaces.
[121] Richard O. Sinnott,et al. A review of grid authentication and authorization technologies and support for federated access control , 2011, CSUR.
[122] Olaf Zimmermann,et al. Extending a Secure System Development Methodology to SOA , 2007 .
[123] Paul Clements,et al. Software architecture in practice , 1999, SEI series in software engineering.
[124] Gary McGraw,et al. On Bricks and Walls: Why Building Secure Software is Hard , 2002, Computers & security.
[125] Marianne Winslett,et al. Policy-Driven Distributed Authorization: Status and Prospects , 2007, Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07).
[126] David A. Basin,et al. SecureUML: A UML-Based Modeling Language for Model-Driven Security , 2002, UML.
[127] Karsten Sohr,et al. Organizing Security Patterns Related to Security and Pattern Recognition Requirements , 2012 .
[128] Eduardo B. Fernández,et al. A Pattern-Driven Security Process for SOA Applications , 2008, ARES.
[129] Jan de Muijnck-Hughes,et al. Security Pattern Evaluation , 2014, 2014 IEEE 8th International Symposium on Service Oriented System Engineering.
[130] Sabrina De Capitani di Vimercati,et al. Access control: principles and solutions , 2003, Softw. Pract. Exp..
[131] Hironori Washizaki,et al. Abstract security patterns , 2008 .
[132] Anton V. Uzunov,et al. The Design and Implementation of Persistence in the Annex System , 2009 .
[133] Vijay Varadharajan. Distributed Authorization: principles and practice , 2002 .
[134] Ravi S. Sandhu,et al. Toward a Usage-Based Security Framework for Collaborative Computing Systems , 2008, TSEC.
[135] Jan Jürjens. Sound methods and effective tools for model-based security engineering with UML , 2005, ICSE '05.
[136] George Spanoudakis,et al. Security and Dependability for Ambient Intelligence , 2009, Security and Dependability for Ambient Intelligence.
[137] Wei Zhou. Access control model and policies for collaborative environments , 2008 .
[138] Walter Zimmer,et al. Relationships between design patterns , 1995 .
[139] Peter Sommerlad,et al. Pattern-Oriented Software Architecture , 1996 .
[140] Roshan K. Thomas,et al. Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.
[141] Mario Piattini,et al. Developing a Secure Mobile Grid System through a UML Extension , 2010, J. Univers. Comput. Sci..
[142] Seng-Phil Hong,et al. Access control in collaborative systems , 2005, CSUR.
[143] Klaas Sikkel. A Group-based Authorization Model for Cooperative Systems , 1997, ECSCW.
[144] Elisa Bertino,et al. Database security - concepts, approaches, and challenges , 2005, IEEE Transactions on Dependable and Secure Computing.
[145] Manachai Toahchoodee,et al. An aspect-oriented methodology for designing secure applications , 2009, Inf. Softw. Technol..
[146] Roger Lee. Software Engineering Research, Management and Applications 2010 , 2017 .
[147] Prasun Dewan,et al. Access control for collaborative environments , 1992, CSCW '92.
[148] Peter Tandler,et al. Architectural patterns for collaborative applications , 2006, Int. J. Comput. Appl. Technol..
[149] Ranjita Bhagwan,et al. Baaz: A System for Detecting Access Control Misconfigurations , 2010, USENIX Security Symposium.
[150] G. Gheorghiu,et al. Authorization for metacomputing applications , 1998, Proceedings. The Seventh International Symposium on High Performance Distributed Computing (Cat. No.98TB100244).
[151] Eduardo B. Fernández,et al. Patterns and Pattern Diagrams for Access Control , 2008, TrustBus.
[152] Alexander Pretschner,et al. Distributed usage control , 2006, CACM.
[153] Peter Sommerlad,et al. Pattern-Oriented Software Architecture: A System of Patterns: John Wiley & Sons , 1987 .
[154] Emil C. Lupu,et al. The Ponder Policy Specification Language , 2001, POLICY.
[155] Steve Barker. The next 700 access control models or a unifying meta-model? , 2009, SACMAT '09.
[156] Anton V. Uzunov. A survey of security solutions for distributed publish/subscribe systems , 2016, Comput. Secur..
[157] Eduardo B. Fernandez,et al. Database Security and Integrity , 1981 .
[158] Luigi Logrippo,et al. Concrete- and abstract-based access control , 2011, International Journal of Information Security.
[159] Ravi S. Sandhu,et al. The authorization leap from rights to attributes: maturation or chaos? , 2012, SACMAT '12.
[160] Antonio Maña,et al. Representation of Security and Dependability Solutions , 2009, Security and Dependability for Ambient Intelligence.
[161] Abhijit Belapurkar,et al. Distributed Systems Security: Issues, Processes and Solutions , 2009 .
[162] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.
[163] Robert Johansen,et al. Groupware: Computer Support for Business Teams , 1988 .
[164] J. Hogg. Web service security : scenarios, patterns, and implementation guidance for Web services enhancements (WSE) 3.0 , 2005 .
[165] Jon Whittle,et al. A Survey of Approaches to Adaptive Application Security , 2007, International Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS '07).
[166] Achim D. Brucker,et al. Extending access control models with break-glass , 2009, SACMAT '09.
[167] Eduardo B. Fernandez,et al. A pattern language for security models , 2001 .