Learn More
As cloud-based services gain popularity in both private and enterprise domains, cloud consumers are still lacking in tools to verify that these services work as expected. Such tools should consider properties such as functional correctness, service availability, reliability, performance and security guarantees. In this paper we survey existing work in these(More)
Enforcing complex policies that span organizational domains is an open challenge. Current work on SOA policy enforcement splits security in logical components that can be distributed across domains, but does not offer any concrete solution to integrate this security functional-ity so that it works across security services for organization-wide policies. In(More)
lies in the presence of hematologic precursors within the PMGCT stroma and vessels within the yolk sac tumor component of these tumors. 11 It can be further speculated that expression of hema-topoietic growth and differentiation factors in some PMGCT could drive the differentiation of primordial germ cells into hematopoietic progeny. The differentiation(More)
Streaming applications over Peer-To-Peer (P2P) systems have gained an enormous popularity. Success always implies increased concerns about security, protection , privacy and all the other 'side' properties that transform an experimental application into a service. Research on security for P2P streaming started to flourish , but no comprehensive security(More)
In this paper we present Trishul-UCON (T-UCON), a DRM system based on the UCON_ABC model. T-UCON is designed to be capable of enforcing not only application-specific policies, as any existing software-based DRM solution does, but also DRM policies across applications. This is achieved by binding the DRM policy only to the content it protects with no(More)
As Service Oriented Architectures (SOA) and Webservices are becoming widely deployed, the problematic of security is farf rom being solved. In an attempt to address this issue, the industry proposed several extensions to the SOAP protocol that currently reached different levels of standardization. However, no architectural guidelines have yet been proposed.(More)
For large distributed applications, security and performance are two requirements often difficult to satisfy together. Addressing them separately leads more often to fast systems with security holes, rather than secure systems with poor performance. For instance, caching data needed for security decisions can lead to security violations when the data(More)
In enterprise applications, regulatory and business policies are shifting their semantic from access to usage control requirements. The aim of such policies is to constrain the usage of groups of resources based on complex conditions that require not only state-keeping but also automatic reaction to state changes. We argue that these policies instantiate(More)
Advanced methodologies for compliance such as CobiT identify a number of maturity levels that must be reached: first the existence of an <i>infrastructure</i> for the enforcement of security controls; second, the ability to continuously monitor and audit <i>quantifiable indicators</i> for the controls put in place; and third, the ability to <i>react</i>(More)