Benjamin Aziz

Learn More
We present a refined model for Role Based Access Control policies and define a risk measure for the model, which expresses elements of the operational , combinatorial and conflict of interest risks present in a particular policy instance. The model includes risk-reducing mechanisms corresponding to practical mechanisms like firewalls, stack checking,(More)
We propose a language for expressing fine-grained security policies for controlling orchestrated business processes modelled as a BPEL workflow. Our policies are expressed as a process algebra that permits a BPEL activity, denies it or force-terminates it. The outcome is evaluates with compensation contexts. Finally, we give an example of these policies in(More)
We propose a syntactic extension of Event-B incorporating a limited notion of obligation described by triggers. The trigger of an event is the dual of the guard: when a guard is not true, an event must not occur, whereas when a trigger is true, the event must occur. The obligation imposed by a trigger is interpreted as a constraint on when the other events(More)
In this paper, we present a formal model of virtual organisations that incorporates the concept of conflicts of interest. The model, which follows an incremental development approach using Event-B, focuses on goals and organisations at the abstract level and introduces resources at the concrete level. The model is motivated by the type of virtual(More)
In collaborative systems, a set of organisations shares their computing resources, such as compute cycles, storage space, or on-line services, in order to establish Virtual Organisations aimed at achieving common tasks. The formation and operation of Virtual Organisations involve establishing trust among their members and reputation is one measure by which(More)
A Data Sharing Agreement (DSA) is a contract among two or more principals regulating how they share data. Agreements are usually represented as a set of clauses expressed using the deontic notions of obligation, prohibition and permission. In this paper, we present how to model DSAs using the Event-B specification language. Agreement clauses are modelled as(More)
We present in this paper, semi-π, an extension of the π-calculus that allows processes to query quantitative values of different actions and decide based on those values, whether an action is feasible or not. Our measure of quantity is based on the general notion of semirings. Furthermore, we develop a syntax-directed static analysis for the new language,(More)
Grid computing allows one to access, utilise and manage heterogeneous resources in virtual organisations across multiple domains and institutions. The formation and operation of virtual organisations involve establishing trust among their members and reputation is one measure by which such trust can be quantified and reasoned about. This paper presents a(More)