Oscar Encina

Learn More
We have previously proposed a new type of pattern, the misuse pattern. The misuse pattern describes how a misuse is performed from the point of view of the attacker, what system units it uses and how, provides ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and provides forensic information. A(More)
We have written patterns for authorization that define access at the item (resource, data) level. However, in many cases we need to have a further level of granularity. For that purpose, we present here a pattern for Content-dependent authorization that controls access at the data value level. In some cases we need to return values with additional(More)
  • 1