An Overview of The Ongoing Research at LERSSE
This presentation provides an overview of the research projects undergoing at the Laboratory for Education and Research in Secure Systems Engineering (LERSSE).
View ArticleAnalysis of Scalable Security – MC-SSL Savings
This paper investigates how MC-SSL can alleviate the CPU requirements of secure web transactions by using multiple channels, each with its own, different, cipher suite, and switching the channel based...
View ArticleApplicability of CORBA Security to the Healthcare Problem Domain
This paper suggests directions OMG Healthcare Domain Task Force (CORBAmed) could take in proposing OMG standards related to security in the healthcare vertical domain. The ideas are based on the...
View ArticleApplying Aspect-Orientation in Designing Security Systems: A Case Study
As a security policy model evolves, the design of security systems using that model could become increasingly complicated. It is necessary to come up with an approach to guide the development, reuse...
View ArticleArchitectural Separation of Authorization and Application Logic in...
Security is an essential feature and foremost concern to enterprise software systems. Today, application-level access control (and other security) functions are based on complex, fine-grain and/or...
View ArticleArchitecture of Information Enterprises: Problems and Perspectives
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed. Research directions for solving the main problems of information enterprise...
View ArticleArchitecture of Information Enterprises: Problems and Perspectives
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed. Research directions for solving the main problems of information enterprise...
View ArticleArchitecture of Information Enterprises: Problems and Perspectives
Current problems, constrains, goals, and approaches in developing architecture of information enterprises are reviewed. Research directions for solving the main problems of information enterprise...
View ArticleSupporting End-to-end security Across Proxies with Multiple-channel SSL
Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers. This...
View ArticleArchitecture-Centered Composition of Adaptive and Dependable Enterprise...
Security is an essential feature and foremost concern to enterprise software systems. Today, application-level security functions, e.g. access control based on complex, fine-grain and/or context...
View ArticleAttribute Function: an Enabler for Effective Inexpensive Application-specific...
Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. However, the adoption of secure distributed applications by commercial and government...
View ArticleClient-Server Semantic Binary Database: Design and Development
This paper describes design and implementation of client-server architecture for Semantic Binary Database Management System developed at High Performance Database Research Center, Florida International...
View ArticleComputer and Distributed Security: Introductory Overview for Researchers
Outline: - What is security of computer systems - Security and usability - The main challenge for security - Threats, Vulnerabilities, and Attacks - Security Concerns - Distributed Security - Security...
View ArticleCORBAmed Security White Paper
The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAmed meetings. This report focuses on the practical topic of how CORBAmed RFPs for services can go...
View ArticleCPR Security CORBA-based Security and Intranet Services
Intranet information services based on such technologies as WWW will continue to grow. Not every intranet service is and will be based on CORBA architecture. Some will continue to utilize plain...
View ArticleDesign
Learning objectives: * understand the principles of engineering secure systems. * make effective use of security constructs provided by current technologies. * trade off security against useability...
View ArticleDesign and Implementation of Resource Access Decision Server
Decoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. However, this is difficult, if not impossible to implement...
View ArticleEngineering Access Control for Distributed Enterprise Applications
Access control (AC) is a necessary defense against a large variety of security attacks on the resources of distributed enterprise applications. However, to be effective, AC in some application domains...
View Article