Learn More
Grid computing allows one to access, utilise and manage heterogeneous resources in virtual organisations across multiple domains and institutions. The formation and operation of virtual organisations involve establishing trust among their members and reputation is one measure by which such trust can be quantified and reasoned about. This paper presents a(More)
We propose a syntactic extension of Event-B incorporating a limited notion of obligation described by triggers. The trigger of an event is the dual of the guard: when a guard is not true, an event must not occur, whereas when a trigger is true, the event must occur. The obligation imposed by a trigger is interpreted as a constraint on when the other events(More)
In goal-oriented requirements engineering methodologies, goals are structured into refinement trees from high-level system-wide goals down to fine-grained requirements assigned to specific soft-ware/hardware/human agents that can realise them. Functional goals assigned to software agents need to be operationalised into specification of services that the(More)
We present a refined model for Role Based Access Control policies and define a risk measure for the model, which expresses elements of the operational , combinatorial and conflict of interest risks present in a particular policy instance. The model includes risk-reducing mechanisms corresponding to practical mechanisms like firewalls, stack checking,(More)
In this paper, we discuss the use of formal requirements-engineering techniques in capturing security requirements for a Grid-based operating system. We use KAOS goal model to represent two security goals for Grid systems, namely authorisation and single-sign on authentication. We apply goal-refinement to derive security requirements for these two security(More)
We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in(More)
An ad hoc mobile network (MANET), is a collection of wireless mobile hosts that form a temporary network without the aid of any centralized administration or support. In such a network, each mobile node operates not only as a host but also as a router, forwarding packets for other mobile nodes in the network that may be multiple hops away from each other.(More)
Man-in-the-middle attacks are one of the most popular and fundamental attacks on distributed systems that have evolved with advances in distributed computing technologies and have assumed several shapes ranging from simple IP spoofing to complicated attacks on wireless communications, which have safety-critical applications such as remote wireless passport(More)