This paper argues that Napoleon, a flexible, role-based access control (RBAC) modeling environment, is also a practical solution for enforcing business process control, or workflow, policies. Napoleon provides two important benefits for workflow: simplified policy management and support for heterogeneous, distributed systems. We discuss our strategy for… (More)
Two security mechanisms are compared and contrasted based on their implementation of Clark and Wilson's concept of well-formed transactions.
Napoleon consists of three parts; a model for specifying security policies for a heterogeneous set of network resources: a graphical tool for manipulating the model and software to translate the policy to target security mechanisms. This paper focuses on how the layered policy approach in the Napoleon model has been generalized to allow for adding… (More)
—Today's computer systems are under relentless attack from cyber attackers armed with sophisticated vulnerability search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER, an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER reacts to observed attacks and… (More)