Computer Engineering / Bilgisayar Mühendisliği

Permanent URI for this collection: https://hdl.handle.net/11147/10

Search Results

  • Conference Object
    Citation - WoS: 1
    Automatic Enforcement of Location Aware User Based Network Access Control Policies
    (World Scientific and Engineering Academy and Society, 2008) Tuğlular, Tuğkan
    Multiple interconnected network segments distributed across various locations, such as corporate networks, where users or employees constantly travel among segments and require access to servers, need to have network access control mechanisms that are able to adapt to these location changes. The idea of a firewall changing or adapting its rules depending on the location of users is presented by an architecture in this paper. This architecture proposes deployment of a policy server at the management level and policy agents at the firewall level, so that policy-driven network security management is enabled by specifying location aware user based network access control policies at the network security management and enforcing them at the managed firewalls. The architecture presented in this paper utilizes user VPN connection event triggers for dynamic policy configuration and automated policy deployment to firewalls. Location aware user based network access control policies, which are management level policies, are implemented using XACML. A network level policy is usually a configuration, or policy, file local to the firewall. The policy agent incorporated into the firewall performs the mapping from management level policy to firewall policy.
  • Conference Object
    Citation - Scopus: 1
    A Semantic Based Certification and Access Control Approach Using Security Patterns on Seagent
    (Knowledge Systems Institute, 2008) Tekbacak, Fatih; Tuğlular, Tuğkan; Dikenelli, Oğuz
    In this paper, we propose a security infrastructure for communication between agents adaptable to FIPA security specifications by employing security patterns and semantic based policy descriptions. Security patterns are used as a generalized approach for generating security based services. This paper analyzes the authentication and semantic based access control among agents by using the security patterns.
  • Article
    Citation - WoS: 8
    Citation - Scopus: 11
    Ca-Arbac: Privacy Preserving Using Context-Aware Role-Based Access Control on Android Permission System
    (Hindawi Publishing Corporation, 2016) Abdella, Juhar Ahmed; Özuysal, Mustafa; Tomur, Emrah
    Existing mobile platforms are based on a manual way of granting and revoking permissions to applications. Once the user grants a given permission to an application, the application can use it without limit, unless the user manually revokes the permission. This has become the reason for many privacy problems because of the fact that a permission that is harmless at some occasion may be very dangerous at another condition. One of the promising solutions for this problem is context-aware access control at permission level that allows dynamic granting and denying of permissions based on some predefined context. However, dealing with policy configuration at permission level becomes very complex for the user as the number of policies to configure will become very large. For instance, if there are A applications, P permissions, and C contexts, the user may have to deal with A × P × C number of policy configurations. Therefore, we propose a context-aware role-based access control model that can provide dynamic permission granting and revoking while keeping the number of policies as small as possible. Although our model can be used for all mobile platforms, we use the Android platform to demonstrate our system. In our model, Android applications are assigned roles where roles contain a set of permissions and contexts are associated with permissions. Permissions are activated and deactivated for the containing role based on the associated contexts. Our approach is unique in that our system associates contexts with permissions as opposed to existing similar works that associate contexts with roles. As a proof of concept, we have developed a prototype application called context-aware Android role-based access control. We have also performed various tests using our application, and the result shows that our model is working as desired.
  • Conference Object
    Citation - Scopus: 4
    An Architecture for Verification of Access Control Policies With Multi Agent System Ontologies
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tekbacak, Fatih; Tuğlular, Tuğkan; Dikenelli, Oğuz
    Multi-agent systems (MAS) which communicate with intra-domain and inter-domain agent platforms have access control requirements. Instead of a central mechanism, a fine-grained access control mechanism could have been applied to MAS platforms. This paper emphasizes MAS-based domain and security ontologies with an XACML-based access control approach for MAS platforms. The domain dependent behaviour and access control parameters in agent ontologies could be combined within a common XACML policy document that is used through different MAS applications. Agent-based access control requirements and common XACML policy documents should be consistent to enforce policies for MAS. To obtain this condition, the translation of organizational policies and platform based policies have to be considered in detail and the verified policy features have to be enforced in MAS to provide access for resources.