Learn More
A policy-based management system is only really useful if it allows not only high level description of abstract policy, but also enables such policy to be refined and eventually mapped into an appropriate configuration for controlling devices in the managed system. Such a full integration has only been discussed in the literature but not realised so far.(More)
The Internet provides a mechanism for the delivery of many different types of services including traditional business transaction processing as well as new E-Commerce services. The acceptance of these services is dependent on their delivery in a secure and reliable fashion. Till now there has been little emphasis on the overall management of these services(More)
In order to manage the use of roles for the purpose of access control, it is important to look at attributes beyond the consideration of capability assignment. Fundamentally, a generic attribute description using a constraint-based approach will allow many of the important aspects of role, such as scope, activation and deactivation, to be included.(More)
Virtualization brings exibility to the data center and enables separations allowing for better security properties. For these security properties to be fully utilized, virtual machines need to be able to connect to secure services such as networking and storage. This paper addresses the problems associated with managing the cryptographic keys upon which(More)
In this paper we address the appropriate management of risk in federated identity management systems by presenting an identity assurance framework and supporting technologies. We start by discussing the risk mitigation framework that should be part of any identity assurance solution. We then demonstrate how our model based assurance technologies can be used(More)
In this paper we describe an enterprise assurance model allowing many layers of the enterprise architecture from the business processes; supporting applications and the IT infrastructure and operational processes to be represented and related from a control and risk perspective. This provides a consistent way of capturing and relating the risk views for the(More)