Quan Pham - Academia.edu (original) (raw)
Uploads
Papers by Quan Pham
Bookmarks Related papers MentionsView impact
Journal of Electrocardiology, 2003
Bookmarks Related papers MentionsView impact
Computers & Security, 2010
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
In a federated system, it is not uncommon for a user profile registered to a particular system to... more In a federated system, it is not uncommon for a user profile registered to a particular system to contain enough attributes to request services from that system. Other attributes may be missing from that profile when services are requested from another system. The problem is that currently, when a change in user attributes happens, it is very difficult for the federation to incorporate the changes in order to resolve the conflict of attributes and maintain the consistency of attributes of users between different systems. Currently ready-for-deploy systems such as Liberty Alliance, Microsoft Windows CardSpace (formerly InfoCard) and Shibboleth do not address this issue efficiently. In general, consistency issues of user attributes in federated system via a 2-dimentional view: consistency between member systems (horizontal consistency) and consistency between federation and local system (vertical consistency). In this paper, we discuss the issue of horizontal consistency to achieve better interoperability and fine-granularity for access control decisions in a federated system by analysing the two approaches to achieve the consistency of user attributes: attribute synchronisation and delegation.
Bookmarks Related papers MentionsView impact
This paper introduces a model to facilitate delegation, including ad-hoc delegation, in cross sec... more This paper introduces a model to facilitate delegation, including ad-hoc delegation, in cross security domain activities. Specifically, this paper proposes a novel delegation constraint management model to manage and track delegation constraints across security domains. A procedure to trace the authority of delegation constraints is introduced as well as a procedure to form a delegation constraint set and detect/prevent potential conflicts.
Bookmarks Related papers MentionsView impact
Computers & Security, 2009
Delegation, from a technical point of view, is widely considered as a potential approach in addre... more Delegation, from a technical point of view, is widely considered as a potential approach in addressing the problem of providing dynamic access control decisions in activities with a high level of collaboration, either within a single security domain or across multiple security domains. Although delegation continues to attract significant attention from the research community, presently, there is no published work that presents a taxonomy of delegation concepts and models. This paper intends to address this gap.
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Journal of Electrocardiology, 2003
Bookmarks Related papers MentionsView impact
Computers & Security, 2010
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
In a federated system, it is not uncommon for a user profile registered to a particular system to... more In a federated system, it is not uncommon for a user profile registered to a particular system to contain enough attributes to request services from that system. Other attributes may be missing from that profile when services are requested from another system. The problem is that currently, when a change in user attributes happens, it is very difficult for the federation to incorporate the changes in order to resolve the conflict of attributes and maintain the consistency of attributes of users between different systems. Currently ready-for-deploy systems such as Liberty Alliance, Microsoft Windows CardSpace (formerly InfoCard) and Shibboleth do not address this issue efficiently. In general, consistency issues of user attributes in federated system via a 2-dimentional view: consistency between member systems (horizontal consistency) and consistency between federation and local system (vertical consistency). In this paper, we discuss the issue of horizontal consistency to achieve better interoperability and fine-granularity for access control decisions in a federated system by analysing the two approaches to achieve the consistency of user attributes: attribute synchronisation and delegation.
Bookmarks Related papers MentionsView impact
This paper introduces a model to facilitate delegation, including ad-hoc delegation, in cross sec... more This paper introduces a model to facilitate delegation, including ad-hoc delegation, in cross security domain activities. Specifically, this paper proposes a novel delegation constraint management model to manage and track delegation constraints across security domains. A procedure to trace the authority of delegation constraints is introduced as well as a procedure to form a delegation constraint set and detect/prevent potential conflicts.
Bookmarks Related papers MentionsView impact
Computers & Security, 2009
Delegation, from a technical point of view, is widely considered as a potential approach in addre... more Delegation, from a technical point of view, is widely considered as a potential approach in addressing the problem of providing dynamic access control decisions in activities with a high level of collaboration, either within a single security domain or across multiple security domains. Although delegation continues to attract significant attention from the research community, presently, there is no published work that presents a taxonomy of delegation concepts and models. This paper intends to address this gap.
Bookmarks Related papers MentionsView impact