Access Control Enforcement in IoT: state of the art and open challenges in the Zero Trust era
Zero Trust (ZT) is a security paradigm which is nowadays finding application in different
domains. One of the domain that can most benefit from ZT is represented by Internet of …
domains. One of the domain that can most benefit from ZT is represented by Internet of …
Blockaid: Data access policy enforcement for web applications
Modern web applications serve large amounts of sensitive user data, access to which is
typically governed by data-access policies. Enforcing such policies is crucial to preventing …
typically governed by data-access policies. Enforcing such policies is crucial to preventing …
Optimal security-aware query processing
M Guarnieri, D Basin - Proceedings of the VLDB Endowment, 2014 - dl.acm.org
Security-Aware Query Processing is the problem of computing answers to queries in the
presence of access control policies. We present general impossibility results for the …
presence of access control policies. We present general impossibility results for the …
Strong and provably secure database access control
M Guarnieri, S Marinovic… - 2016 IEEE European …, 2016 - ieeexplore.ieee.org
Existing SQL access control mechanisms are extremely limited. Attackers can leak
information and escalate their privileges using advanced database features such as views …
information and escalate their privileges using advanced database features such as views …
Abstract interpretation of recursive queries
In this paper, we extend recent works on concrete and abstract semantics of structured query
languages by considering recursive queries too. We show that combining abstraction of data …
languages by considering recursive queries too. We show that combining abstraction of data …
[图书][B] Infrastructure Support for Datacenter Applications
MA Chang - 2021 - eecs.berkeley.edu
The barrier to entry of deploying applications in datacenter environments has been greatly
reduced over the last decade. With the advent of cloud computing, application developers …
reduced over the last decade. With the advent of cloud computing, application developers …
Extending abstract interpretation to new applicative scenarios
R Halder - 2012 - dspace.unive.it
The aim of this thesis is to extend the Abstract Interpretation framework to the broader
context of Information Systems. In particular, we address issues related to security …
context of Information Systems. In particular, we address issues related to security …
[PDF][PDF] Formal Foundations for Access and Inference Control in Databases
M Guarnieri - 2017 - research-collection.ethz.ch
Databases often store and manage sensitive data. Regulating the access to databases is,
therefore, essential. To this end, database security researchers have developed both access …
therefore, essential. To this end, database security researchers have developed both access …
[PDF][PDF] Observation-based Fine Grained Access Control of Data
In this paper, we propose an observation-based fine grained access control (OFGAC)
mechanism where data are made accessible at various levels of abstractions according to …
mechanism where data are made accessible at various levels of abstractions according to …
Observation-based Fine Grained Access Control of Data
In this paper, we propose an observation-based fine grained access control (OFGAC)
mechanism where data are made accessible at various levels of abstractions according to …
mechanism where data are made accessible at various levels of abstractions according to …