Page 1 of results: 62 digital items found in 0.001 seconds

‣ Um modelo de autorização contextual para o controle de acesso ao prontuário eletrônico do paciente em ambientes abertos e distribuídos.; A contextual authorization model for access control of electronic patient record in open distributed environments.

Motta, Gustavo Henrique Matos Bezerra
Source: Biblioteca Digitais de Teses e Dissertações da USP Publisher: Biblioteca Digitais de Teses e Dissertações da USP
Type: Doctoral thesis Format: application/pdf
Published on 05/02/2004 Portuguese
Search relevance
28.086145%
Recent advances in communication and computing technologies have made ready access to the information in the electronic patient record (EPR) feasible. The resulting potential for dissemination of clinical information raises concerns about patient privacy and the confidentiality of patient data. The rules laid down in legislation provide that the content of the record must be confidential and that it may not be accessed without the patient's prior authorization, except when necessary to benefit the patient. This work proposes MACA, a contextual authorization model for role-based access control (RBAC) that addresses requirements for limiting access to the EPR in open and distributed environments. RBAC regulates users' access to the EPR based on the functions (roles) they perform in an organization. A contextual authorization uses environmental information available at access time to decide whether a user has the right and the need to access an EPR resource. This gives MACA the flexibility and expressive power to establish EPR access policies and administrative policies for RBAC that adapt to the environmental and cultural diversity of healthcare organizations. MACA also allows EPR components to use RBAC transparently to the end user...

‣ Modelo de segurança multilateral e RBAC em um ambiente de serviço no contexto de gerenciamento de contabilidade TINA

Cáceres Alvarez, Luis Marco
Source: Florianópolis, SC Publisher: Florianópolis, SC
Type: Doctoral thesis Format: xviii, 192 f.| il.
Portuguese
Search relevance
27.31461%
Thesis (doctorate) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Ciência da Computação.; In the telecommunications field, the growing evolution and constant development of new technologies, combined with economic factors, have had a major impact on practically every sector of society. In addition, the lack of standards in the telecommunications sector has highlighted the differences between operators' structures, where new services are constantly being introduced. To meet this need quickly, advanced technologies are required that allow these services to be specified and developed in an agile and efficient manner. Such technologies include object orientation, component reuse, distributed systems, service architecture and, above all, TINA (Telecommunications Information Networking Architecture), owing to its open and technology-independent nature. The TINA concepts and principles were developed to solve existing problems in IN (Intelligent Network), such as centralized service control and the service data model. In this sense...

‣ How to securely break into RBAC: the BTG-RBAC model

Ferreira, Ana; Chadwick, David; Zao, Gansen; Farinha, Pedro; Correia, Ricardo; Chilro, Rui; Antunes, Luís
Source: Universidade do Porto Publisher: Universidade do Porto
Type: Journal article
Portuguese
Search relevance
28.220327%
Access control models describe frameworks that dictate how subjects (e.g. users) access resources. In the Role-Based Access Control (RBAC) model access to resources is based on the role the user holds within the organization. Although flexible and easier to manage within large-scale authorization frameworks, RBAC is usually a static model where access control decisions have only two output options: Grant or Deny. Break The Glass (BTG) policies can be provided in order to break or override the access controls within an access control policy but in a controlled and justifiable manner. The main objective of this paper is to integrate BTG within the NIST/ANSI RBAC model in a transparent and secure way so that it can be adopted generically in any domain where unanticipated or emergency situations may occur. The new proposed model, called BTG-RBAC, provides a third decision option BTG. This allows break the glass policies to be implemented in any application without any major changes to either the application or the RBAC authorization infrastructure, apart from the decision engine. Finally, in order to validate the model, we discuss how the BTG-RBAC model is being introduced within a Portuguese healthcare institution where the legislation requires that genetic information must be accessed by a restricted group of healthcare professionals. These professionals...

‣ Extending RBAC model to control sequences of CRUD expressions

Pereira, Óscar Mortágua; Regateiro, Diogo Domingues; Aguiar, Rui L.
Source: Knowledge Systems Institute Graduate School (KSI) Publisher: Knowledge Systems Institute Graduate School (KSI)
Type: Conference paper or conference object
Portuguese
Search relevance
38.086145%
In database applications, access control is aimed at requests are mainly formalized by Create, Read, Update and Delete (CRUD) expressions. The supervision process can be formalized at a high level, such as based on the RBAC model, but in the end the relevant aspect is the data being accessed through each CRUD expression. In critical database applications access control can be enforced not on a CRUD by CRUD basis but enforced at the level of sequences of CRUD expressions (workflow). This situation can occur whenever established security policies are based on strict procedures that define step by step the actions (sequences of CRUD expressions) to be followed. Current RBAC models do not support this type of security policies. To overcome this security gap, we leverage previous researches to propose an extension to the RBAC model to control for each role which sequences of CRUD expressions are authorized. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC. Our use case is based on typed security layers built from a software architectural model and also from metadata based on the proposed RBAC model extension.

‣ Distributed and typed role-based access control mechanisms driven by CRUD expressions

Pereira, Óscar Mortágua; Regateiro, Diogo; Aguiar, Rui L.
Source: ORB - Academic Publisher Publisher: ORB - Academic Publisher
Type: Journal article
Portuguese
Search relevance
27.31461%
Business logics of relational databases applications are an important source of security violations, namely in respect to access control. The situation is particularly critical when access control policies are many and complex. In these cases, programmers of business logics can hardly master the established access control policies. Now we consider situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the modification of data previously retrieved by Select statements. To overcome this security gap when Role-based access control policies are used, we propose an extension to the basic model in order to control the two sources of security threats. Finally, we present a software architectural model from which distributed and typed RBAC mechanisms are automatically built, this way relieving programmers from mastering any security schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.

‣ Role-based access control mechanisms: distributed, statically implemented and driven by CRUD expressions

Pereira, Óscar Mortágua; Regateiro, Diogo; Aguiar, Rui L.
Source: IEEE Publisher: IEEE
Type: Conference paper or conference object
Portuguese
Search relevance
27.645269%
Most of the security threats in relational database applications have their source in client-side systems when they issue requests formalized by Create, Read, Update and Delete (CRUD) expressions. If tools such as ODBC and JDBC are used to develop business logics, then there is another source of threats. In some situations the content of data sets retrieved by Select expressions can be modified and then committed into the host databases. These tools are agnostic regarding not only database schemas but also regarding the established access control policies. This situation can hardly be mastered by programmers of business logics in database applications with many and complex access control policies. To overcome this gap, we extend the basic Role-Based Access policy to support and supervise the two sources of security threats. This extension is then used to design the correspondent RBAC model. Finally, we present a software architectural model from which static RBAC mechanisms are automatically built, this way relieving programmers from mastering any schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.

‣ Smart-RBAC

Gummidi, Srinivasa Raghavendra Bhuvan
Source: Universidade Nova de Lisboa Publisher: Universidade Nova de Lisboa
Type: Master's dissertation
Published on 14/03/2015 Portuguese
Search relevance
38.220327%
Generally, smart campus applications do not consider the role of the user with his/her position in a university environment, consequently irrelevant information is delivered to the users. This dissertation proposes a location-based access control model, named Smart-RBAC, extending the functionality of Role-based Access Control Model (RBAC) by including user’s location as the contextual attribute, to solve the aforementioned problem. Smart-RBAC model is designed with a focus on content delivery to the user in order to offer a feasible level of flexibility, which was missing in the existing location-based access control models. An instance of the model, derived from Liferay’s RBAC, is implemented by creating a portal application to test and validate the Smart-RBAC model. Additionally, portlet-based applications are developed to assess the suitability of the model in a smart campus environment. The evaluation of the model, based on a popular theoretical framework, demonstrates the model’s capability to achieve some security goals like “Dynamic Separation of Duty” and “Accountability”. We believe that the Smart-RBAC model will improve the existing smart campus applications since it utilizes both, role and location of the user...

‣ Aplicabilidade do modelo RBAC no controle de acesso para a rede sem fio do Senado Federal

Conceição, Heraldo Vieira da
Source: Senado Federal do Brasil Publisher: Senado Federal do Brasil
Type: Dissertation
Portuguese
Search relevance
27.645269%
Final paper (specialization) -- Curso de Gestão em Tecnologia da Informação, Universidade do Legislativo Brasileiro (Unilegis) and Universidade de Brasília (Unb), Faculdade de Tecnologia, Departamento de Elétrica, 2006; Presents a description of RBAC, its functionality, advantages and applications, with emphasis on its application to the wireless network of the Senado Federal. It aims to identify the scenarios in which this can happen, and also proposes an architecture of the hardware and software components needed to implement the RBAC (Role Based Access Control) model.

‣ Rose Bengal Acetate PhotoDynamic Therapy (RBAc-PDT) Induces Exposure and Release of Damage-Associated Molecular Patterns (DAMPs) in Human HeLa Cells

Panzarini, Elisa; Inguscio, Valentina; Fimia, Gian Maria; Dini, Luciana
Source: Public Library of Science Publisher: Public Library of Science
Type: Journal article
Published on 20/08/2014 Portuguese
Search relevance
28.267683%
The new concept of Immunogenic Cell Death (ICD), associated with Damage Associated Molecular Patterns (DAMPs) exposure and/or release, is recently becoming very appealing in cancer treatment. In this context, PhotoDynamic Therapy (PDT) can give rise to ICD and to immune response upon dead cells removal. The list of PhotoSensitizers (PSs) able to induce ICD is still short and includes Photofrin, Hypericin, Foscan and 5-ALA. The goal of the present work was to investigate if Rose Bengal Acetate (RBAc), a powerful PS able to trigger apoptosis and autophagy, enables photosensitized HeLa cells to expose and/or release pivotal DAMPs, i.e. ATP, HSP70, HSP90, HMGB1, and calreticulin (CRT), that characterize ICD. We found that apoptotic HeLa cells after RBAc-PDT exposed and released, early after the treatment, high amount of ATP, HSP70, HSP90 and CRT; the latter was distributed on the cell surface as uneven patches and co-exposed with ERp57. Conversely, autophagic HeLa cells after RBAc-PDT exposed and released HSP70, HSP90 but not CRT and ATP. Exposure and release of HSP70 and HSP90 were always higher on apoptotic than on autophagic cells. HMGB1 was released concomitantly to secondary necrosis (24 h after RBAc-PDT). Phagocytosis assay suggests that CRT is involved in removal of RBAc-PDT generated apoptotic HeLa cells. Altogether...

‣ A secure, distributed and dynamic RBAC for relational applications; RBAC seguro, dinâmico e distribuído para aplicações relacionais

Regateiro, Diogo José Domingues
Source: Universidade de Aveiro Publisher: Universidade de Aveiro
Type: Master's dissertation
Portuguese
Search relevance
38.220327%
Nowadays, database application use tools like Java Database Connectivity, Hibernate or ADO.NET to access data stored in databases. These tools are designed to bring together the relational database and object-oriented programming paradigms, forsaking applied access control policies. Hence, the application developers must master the established policies as a means to develop software that is conformant with the established access control policies. Furthermore, there are situations where these policies can evolve dynamically. In these cases it becomes hard to adjust the access control mechanisms. This challenge has led to the development of an extension to the role based access control (RBAC) model where permissions are defined as a sequence of create, read, update and delete (CRUD) expressions that can be executed and the interfaces to access them. From these permissions it's possible to generate security artefacts on the client side, i.e. in a distributed manner, which allows the clients to access the stored data while satisfying the security policies defined. On top of this model extension, a security layer has also been created in order to make the access control secure and obligatory. For the RBAC model extension this work leverages a previous work that created a dynamic access control architecture for relational applications...

‣ Constructing RBAC Based Security Model in u-Healthcare Service Platform

Shin, Moon Sun; Jeon, Heung Seok; Ju, Yong Wan; Lee, Bum Ju; Jeong, Seon-Phil
Source: Hindawi Publishing Corporation Publisher: Hindawi Publishing Corporation
Type: Journal article
Portuguese
Search relevance
27.645269%
In today's era of aging society, people want to handle personal health care by themselves in everyday life. In particular, the evolution of medical and IT convergence technology and mobile smart devices has made it possible for people to gather information on their health status anytime and anywhere easily using biometric information acquisition devices. Healthcare information systems can contribute to the improvement of the nation's healthcare quality and the reduction of related cost. However, there are no perfect security models or mechanisms for healthcare service applications, and privacy information can therefore be leaked. In this paper, we examine security requirements related to privacy protection in u-healthcare service and propose an extended RBAC based security model. We propose and design u-healthcare service integration platform (u-HCSIP) applying RBAC security model. The proposed u-HCSIP performs four main functions: storing and exchanging personal health records (PHR), recommending meals and exercise, buying/selling private health information or experience, and managing personal health data using smart devices.

‣ Implementation of an efficient RBAC in Cloud Computing using .NET environment

Gupta, Ruhi
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 09/03/2014 Portuguese
Search relevance
27.84875%
Cloud Computing is flourishing day by day and it will continue in developing phase until computers and internet era is in existence. While dealing with cloud computing, a number of security and traffic related issues are confronted. Load Balancing is one of the answers to these issues. RBAC deals with such an answer. The proposed technique involves the hybrid of FCFS with RBAC technique. RBAC will assign roles to the clients and clients with a particular role can only access the particular document. Hence identity management and access management are fully implemented using this technique.; Comment: 6 pages, 5 figures, 1 flowchart, published By International Journal of Computer Trends and Technology(IJCTT)

‣ Tie-RBAC: An application of RBAC to Social Networks

Tapiador, Antonio; Carrera, Diego; Salvachúa, Joaquín
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 25/05/2012 Portuguese
Search relevance
27.645269%
This paper explores the application of role-based access control to social networks, from the perspective of social network analysis. Each tie, composed of a relation, a sender and a receiver, involves the sender's assignation of the receiver to a role with permissions. The model is not constrained to system-defined relations and lets users define them unilaterally. It benefits of RBAC's advantages, such as policy neutrality, simplification of security administration and permissions on other roles. Tie-RBAC has been implemented in a core for building social network sites, Social Stream.; Comment: Web 2.0 Security & Privacy 2011

‣ RBAC Architecture Design Issues in Institutions Collaborative Environment

Aftab, Muhammad Umar; Nisar, Amna; Asif, Dr.; Ashraf, Adeel; Gill, Burhan
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 22/10/2013 Portuguese
Search relevance
27.31461%
Institutional collaborative systems focus on providing the fast, and secure connections to students, teaching and non-teaching staff members. Access control is more important in these types of systems because different kind of users access the system on different levels. So a proper architecture must be there for these kinds of systems, for providing an efficient and secure system. As lot of work was done in RBAC like for grouping, securing the system, ease of use, and for enterprise etc but no one apply all these concepts as a whole on institution level. So, this paper will be a step towards administrative load sharing, securing the system, and ease of use.; Comment: 8 pages, 3 figures, 11 References

‣ Automated Validation of Security-sensitive Web Services specified in BPEL and RBAC (Extended Version)

Calvi, Alberto; Ranise, Silvio; Viganò, Luca
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 07/09/2010 Portuguese
Search relevance
27.31461%
We formalize automated analysis techniques for the validation of web services specified in BPEL and a RBAC variant tailored to BPEL. The idea is to use decidable fragments of first-order logic to describe the state space of a certain class of web services and then use state-of-the-art SMT solvers to handle their reachability problems. To assess the practical viability of our approach, we have developed a prototype tool implementing our techniques and applied it to a digital contract signing service inspired by an industrial case study.; Comment: 12 pages, 3 figures, short version to appear in the Proceedings of WOSS'10, 1st Workshop on Software Services: Frameworks and Platforms

‣ A Service-Centric Approach to a Parameterized RBAC Service

Adams, Jonathan K.
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 08/03/2006 Portuguese
Search relevance
27.84875%
Significant research has been done in the area of Role Based Access Control [RBAC]. Within this research there has been a thread of work focusing on adding parameters to the role and permissions within RBAC. The primary benefit of parameter support in RBAC comes in the form of a significant increase in specificity in how permissions may be granted. This paper focuses on implementing a parameterized implementation based heavily upon existing standards.

‣ Role Mining with Probabilistic Models

Frank, Mario; Buhmann, Joachim M.; Basin, David
Source: Cornell University Publisher: Cornell University
Type: Journal article
Portuguese
Search relevance
17.986592%
Role mining tackles the problem of finding a role-based access control (RBAC) configuration, given an access-control matrix assigning users to access permissions as input. Most role mining approaches work by constructing a large set of candidate roles and use a greedy selection strategy to iteratively pick a small subset such that the differences between the resulting RBAC configuration and the access control matrix are minimized. In this paper, we advocate an alternative approach that recasts role mining as an inference problem rather than a lossy compression problem. Instead of using combinatorial algorithms to minimize the number of roles needed to represent the access-control matrix, we derive probabilistic models to learn the RBAC configuration that most likely underlies the given matrix. Our models are generative in that they reflect the way that permissions are assigned to users in a given RBAC configuration. We additionally model how user-permission assignments that conflict with an RBAC configuration emerge and we investigate the influence of constraints on role hierarchies and on the number of assignments. In experiments with access-control matrices from real-world enterprises, we compare our proposed models with other role mining methods. Our results show that our probabilistic models infer roles that generalize well to new system users for a wide variety of data...

‣ ESPOON$_{{ERBAC}}$: Enforcing Security Policies In Outsourced Environments

Asghar, Muhammad Rizwan; Ion, Mihaela; Russello, Giovanni; Crispo, Bruno
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 15/08/2013 Portuguese
Search relevance
18.086145%
Data outsourcing is a growing business model offering services to individuals and enterprises for processing and storing a huge amount of data. It is not only economical but also promises higher availability, scalability, and more effective quality of service than in-house solutions. Despite all its benefits, data outsourcing raises serious security concerns for preserving data confidentiality. There are solutions for preserving confidentiality of data while supporting search on the data stored in outsourced environments. However, such solutions do not support access policies to regulate access to a particular subset of the stored data. For complex user management, large enterprises employ Role-Based Access Controls (RBAC) models for making access decisions based on the role in which a user is active in. However, RBAC models cannot be deployed in outsourced environments as they rely on trusted infrastructure in order to regulate access to the data. The deployment of RBAC models may reveal private information about sensitive data they aim to protect. In this paper, we aim at filling this gap by proposing $\mathit{ESPOON_{ERBAC}}$ for enforcing RBAC policies in outsourced environments. $\mathit{ESPOON_{ERBAC}}$ enforces RBAC policies in an encrypted manner where a curious service provider may learn a very limited information about RBAC policies. We have implemented $\mathit{ESPOON_{ERBAC}}$ and provided its performance evaluation showing a limited overhead...

‣ Secure access control for health information sharing systems

Alshehri, Suhair; Raj, Rajendra
Source: Rochester Institute of Technology Publisher: Rochester Institute of Technology
Type: Report
Portuguese
Search relevance
27.645269%
The 2009 Health Information Technology for Economic and Clinical Health Act (HITECH) encourages healthcare providers to share information to improve healthcare quality at reduced cost. Such information sharing, however, raises security and privacy concerns that require appropriate access control mechanisms to ensure Health Insurance Portability and Accountability Act (HIPAA) compliance. Current approaches such as Role-Based Access Control (RBAC) and its variants, and newer approaches such as Attribute-Based Access Control (ABAC) are inadequate. RBAC provides simple administration of access control and user permission review, but demands complex initial role engineering and makes access control inflexible. ABAC, on the other hand, simplifies initial setup but increases the complexity of managing privileges and user permissions. These limitations have motivated research into the development of newer access control models that use attributes and policies while preserving RBAC's strengths. The BiLayer Access Control (BLAC) model is a two-step method being proposed to integrate attributes with roles: an access request is checked against pseudoroles, i.e., the list of subject attributes (first layer), and then against rules within the policies (second layer) associated with the requested object. This paper motivates the BLAC approach...

‣ Role of speech audiometry of pilots with hearing loss in evaluating their eligibility to obtain a civil aviation medical certificate (CMA): a case report; Papel da logoaudiometria na obtenção do certificado médico aeronáutico (CMA) na avaliação de pilotos da aviação civil com perda auditiva: relato de caso

Gomes, Virginia Silva; Maciel, Daniele Pimentel; Gianvecchio, Daniele Muñoz
Source: Universidade de São Paulo. Faculdade de Medicina Publisher: Universidade de São Paulo. Faculdade de Medicina
Type: info:eu-repo/semantics/article; info:eu-repo/semantics/publishedVersion; RC Format: application/pdf
Published on 25/08/2015 Portuguese
Search relevance
18.306584%
Hearing assessment of pilots is performed annually to obtain the aeronautical medical certificate (CMA). Many pilots have hearing loss, mainly caused by exposure to noise and presbycusis. Audiometric criteria for obtaining CMA is advocated by the Brazilian Civil Aviation Regulation (RBAC), and when they do not reach the thresholds, a test is given to assess if the pilot can hear the voice of the examiner at normal intensity in a quiet room at 2 meters and facing in the opposite direction of the sound source. However this test does not evaluate the ability of discrimination of the pilot. Objectives: To discuss and propose the use of speech audiometry as the test of choice in the evaluation of civil pilots who did not fulfill the minimum requirements in the tone audiometry as recommended by RBAC. Case report: a case was evaluated of a pilot who did not fulfill the audiometric criteria recommended by RBAC. He was then asked to listen to the voice of the examiner at 2 meters distance when facing backwards, whereupon the results were inconclusive, and he was then sent to undergo speech audiometry, which gave abnormal results. Discussion: A proper evaluation of hearing of the civil pilot is highly important in order not to put his or his crew’s life at risk. When the pilot does not fulfill the criteria of pure tone audiometry...