Time filter

Source Type

Alam M.,Security Engineering Research Group | Zhang X.,Huawei | Khan K.H.,Security Engineering Research Group | Ali G.,Security Engineering Research Group
Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT | Year: 2011

Cross domain resource sharing and collaborations have be- come pervasive in today's service oriented organizations. Existing approaches for the realization of cross domain access control are either focused on the model level only without concrete implementation mechanisms, or not general enough to provide a exible framework for enterprise web applications. In this paper, we present xDAuth, a frame- work for the realization of cross domain access control and delegation with RESTful web service architecture. While focusing on real issues under the context of cross domain access scenarios such as no predened trust relationship between a service provider domain and service requestor domain, xDAuth leverages existing web technologies to realize desired security requirements while supporting exible and scalable security policies and privacy protection with low performance overhead. We have implemented xDAuth in a medical module in OpenERP, an open source ERP system. Our evaluation demonstrates that xDAuth is a feasible framework towards general cross domain access control for service oriented architectures. © 2011 ACM.

Alam M.,Security Engineering Research Group | Alam M.,Institute of Management Sciences | Ali M.,Institute of Management Sciences | Alam Q.,Security Engineering Research Group | And 5 more authors.
International Journal of Physical Sciences | Year: 2011

Mashups are a new breed of interactive web applications that aggregate and stitch together data retrieved from one or more sources to create an entirely new and innovative set of services. The paradigm is not limited to social networks and many enterprises are redesigning their business processes to create interactive systems in the form of mashups. However, protecting users' private data from unauthorized access in mashups is a challenging security problem. Existing solutions for addressing the various authorization problems are limited due to all-or-nothing policy, third party dependence and scalability issues. In this paper, we present a general permission delegation model for mashups that is fine-grained, user centric and scalable. This contribution has the following objectives: We formally specify the dependency relationships among multiple web applications. Dependency relationships are categorized on the basis of specific data items. We present an extensible reference architecture for configuring multiple web applications and a session management protocol. © 2011 Academic Journals.

Khan M.A.,MS IT | Ali T.,Security Engineering Research Group | Irfan M.,Digital Systems | Shah K.A.,MS CSE | Ali F.,MS CSE
Proceedings of the 8th International Conference on Frontiers of Information Technology, FIT'10 | Year: 2010

The important field associated to high throughput computing (HTC) [1] emerged as grid computing. With the development of cluster computing the overheads of the hardware required to execute rigorous computations has been reduced. The major drawback of such technology is that the cluster consists of dedicated systems. If a machine is idle, it remains idle as its processing cycles are not accessible to other users. At universities and corporations, computing recourses are available as most of the CPU remains idle for most of the time and its consumption is less then 10%. This paper provides a Generic Architecture for the Distribution, Allocation and Execution of threads across a network "To Share Execution Power amongst systems in order to Utilize Maximum System Resources" and to provide an Administrative Layer over Operating System to Distribute Threads in a Grid which is not provided in the existing architectures. A middleware responsible for thread parallelism at different levels but the parallelism will be controlled at application layer by allocating the threads dynamically, its distribution and execution through a grid. Copyright © 2010 ACM.

Loading Security Engineering Research Group collaborators
Loading Security Engineering Research Group collaborators