RBAC Administration in Distributed Systems (2009)
J. Crampton, Isg Royal Holloway, S. Etalle
Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and...
Extended eTVRA vs. Security Checklist: Experiences in a Value-Web (2009)
Morali, A., Zambon, Emmanuele, Houmb, S.H., Sallhammar, K., Etalle, S.
Security evaluation according to ISO 15408 (Common Criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a...
Bolzoni, D., Etalle, S., Hartel, P.H.
Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a...
Spiessens, F., Den Hartog, J.I., Etalle, S.
In Decentralized Trust Management (DTM) authorization decisions are made by multiple principals who can also delegate decisions to each other. Therefore, a policy change of one principal will often...
Bolzoni, D., Etalle, S., Hartel, P.H.
Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a...
Architecture-based Qualitative Risk Analysis for Availability of IT Infrastructures (2009)
Zambon, Emmanuele, Etalle, S., Wieringa, R.J., Hartel, P.H.
An IT risk assessment must deliver the best possible quality of results in a time-effective way. Organisations are used to customise the general-purpose standard risk assessment methods in a way...
LP with Flexible Grouping and Aggregates Using Modes (2009)
We propose a new grouping operator for logic programs based on the bagof predicate. The novelty of our proposal lies in the use of modes, which allows us to prove properties regarding groundness of...
CRAC: Confidentiality Risk Analysis and IT-Architecture Comparison of Business Networks (2009)
Morali, A., Zambon, Emmanuele, Etalle, S., Wieringa, R.J.
The leakage of confidential information (e.g.\ industrial secrets, patient records and user credentials) is one of the risks that have to be accounted for and mitigated by organizations dealing with...
Bolzoni, D., Etalle, S., Hartel, P.H.
Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a...
Security for Sensor Networks (2008)
Vijay Bhuse, Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, Chris Karlof, ...
Ensures data integrity & origin Prevents injecting bogus messages � Confidentiality Ensures secrecy of data Prevents eavesdropping
A Formal Security Analysis of an OSA/Parlay Authentication Interface (2008)
R. Corin, G. Di Caprio, S. Etalle, S. Gnesi, G. Lenzini, C. Moiso, ...
Abstract. We report on an experience in analyzing the security of the Trust and Security Management (TSM) protocol, an authentication procedure within the OSA/Parlay Application Program Interfaces...
R. Corin, S. Etalle, Ronald Cramer, Serge Fehr
[8] J. van Eijck and S.M. Orzan. Modelling the Epistemics of Communication with Functional programming. In Proc. TFP’05. ENTCS, 2005. [9] J. den Hartog and E. de Vink. Virtual Analysis and...
R. Corin, S. Etalle, P. H. Hartel, A. Mader
We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol,...
Refinement for Administrative Policies (2008)
Abstract. Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper...
Open Competition 2003 Accountability in Electronic Commerce Protocols (ACCOUNT) Applicants: (2008)
Dr. B. Crispo, Dr. S. Etalle, Prof. Dr. W. J. Fokkink
More complex negotiation and payment scenarios for e-commerce are emerging. Accountability as a foundation for building trust is a crucial factor for determining the success of these services. We...
Refinement for Administrative Policies (2008)
Abstract. Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper...
Summary. Privacy is a prime concern in today’s information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal...
Ubiquitous Privacy Protection (2008)
C. Bryce, S. Etalle, D. Le Métayer, M. Minier, S. Ubéda, ...
Abstract The main message of this position paper is that technology need not necessarily be an obstacle to privacy protection: if legal and social issues are considered from the outset, then...
Vrijwillig op weg naar een politiestaat (2008)
Koops, E.J., Dommering, E., Eijk, N. Van, Schmidt, A., Smits, J., ...
IT Confidentiality Risk Assessment for an Architecture-Based Approach (2008)
Morali, A., Zambon, Emmanuele, Etalle, S., Overbeek, P.
Information systems require awareness of risks and a good understanding of vulnerabilities and their exploitations. In this paper, we propose a novel approach for the systematic assessment and...
Approaches in Anomaly-based Network Intrusion Detection Systems (2008)
Anomaly-based network intrusion detection systems (NIDSs) can take into consideration packet headers, the payload, or a combination of both. We argue that payload-based approaches are becoming the...
Trust Management in P2P Systems Using Standard TuLiP (2008)
Czenko, M.R., Doumen, J.M., Etalle, S.
In this paper we introduce Standard TuLiP - a new logic based Trust Management system. In Standard TuLiP, security decisions are based on security credentials, which can be issued by different...
RBAC administration in distributed systems (2008)
Dekker, M.A.C., Crampton, J., Etalle, S.
Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and...
IT Confidentiality Risk Assessment for an Architecture-Based Approach (2008)
Morali, A., Zambon, Emmanuele, Etalle, S., Overbeek, P.
Information systems require awareness of risks and a good understanding of vulnerabilities and their exploitations. In this paper, we propose a novel approach for the systematic assessment and...
Trust Management in P2P systems using Standard TuLiP (2008)
Czenko, M.R., Doumen, J.M., Etalle, S.
In this paper we introduce Standard TuLiP - a new logic based Trust Management system. In Standard TuLiP, security decisions are based on security credentials, which can be issued by different...
Bolzoni, D., Crispo, B., Etalle, S.
We present an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and automatic)...
LP with Flexible Grouping and Aggregates Using Modes (2008)
We propose a new grouping operator for logic programs based on the group_by operator of SQL. The novelty of our proposal lies in the use of modes, which allows us to relax some rather unpractical...
Boosting Web Intrusion Detection Systems by Inferring Positive Signatures (2008)
We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups:...
The byproduct of today’s massive interconnectivity is that basically nothing and no-one is immune to cyber attacks any longer. Sadly, this can be demonstrated rather trivially. It is therefore not...
Extended eTVRA vs. Security Checklist: Experiences in a Value-Web (2008)
Morali, A., Zambon, Emmanuele, Houmb, S.H., Sallhammar, K., Etalle, S.
Security evaluation according to ISO 15408 (Common Criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a...
Boosting Web Intrusion Detection Systems by Inferring Positive Signatures (2008)
We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups:...
Abstract Assessing Security-Critical Energy-Efficient Sensor Networks (2007)
Y. W. Law, S. Dulman, S. Etalle, P. Havinga
self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our contribution is three-fold: firstly, we present a survey, where we...
Scheduling and Allocation of Non-Manifest Loops on Hardware Graph-Models (2007)
O. Mansour, S. Etalle, T. Krol
Abstract — In this paper we address the problem of scheduling non-manifest data dependant periodic loops for high throughput DSP-applications based on a streaming data model. In contrast to...
J. LOGIC PROGRAMMING 1994:19, 20:1--679 1 Termination of Well-Moded Programs (2007)
. We study the termination properties of well-moded programs, and we show that, under suitable conditions, for these programs there exists an algebraic characterization-- in the style of Apt and...
J. G. Cederquist, R. Corin, S. Etalle, J. I. Hartog, S. Etalle, ...
Abstract In this paper we introduce a new framework for controlling compliance to discretionary access control policies [Cederquist et al. in Proceedings of the International Workshop on Policies for...
S.: Extended privilege inheritance in RBAC (2007)
J. Cederquist, J. Crampton, S. Etalle
In existing RBAC literature, administrative privileges are inherited just like ordinary user privileges. We argue that from a security viewpoint this is too restrictive, and we believe that a more...
Extended Privilege Inheritance in RBAC (2007)
Dekker, M.A.C., Cederquist, J.G., Crampton, J., Etalle, S.
In existing RBAC literature, administrative privileges are inherited just like ordinary user privileges. We argue that from a security viewpoint this is too restrictive, and we believe that a more...
Etalle, S., Massacci, F., Yautsiukhin, A.
While logging events is becoming increasingly common in computing, in communication and in collaborative environments, log systems need to satisfy increasingly challenging (if not conflicting)...
An Introduction to the Role Based Trust Management Framework RT (2007)
Czenko, M.R., Etalle, S., Li, D., Winsborough, W.H.
Trust Management (TM) is a novel flexible approach to access control in distributed systems, where the access control decisions are based on the policy statements, called credentials, made by...
Core TuLiP - Logic Programming for Trust Management (2007)
We propose CoreTuLiP - the core of a trust management language based on Logic Programming. CoreTuLiP is based on a subset of moded logic programming, but enjoys the features of TM languages such as...
Refinement for Administrative Policies (2007)
Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on...
Timed Analysis of Security Protocols (2007)
Corin, R.J., Etalle, S., Hartel, P.H., Mader, A.H.
We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol,...
An Introduction to the Role Based Trust Management Framework RT (2007)
Czenko, M.R., Etalle, S., Li, D., Winsborough, W.H.
Trust Management (TM) is a novel flexible approach to access control in distributed systems, where the access control decisions are based on the policy statements, called credentials, made by...
Audit-based Compliance Control (AC2) for EHR Systems (2007)
Dekker, M.A.C., Den Hartog, J.I., Etalle, S.
Traditionally, medical data is stored and processed using paper-based files. Recently, medical facilities have started to store, access and exchange medical data in digital form. The drivers for this...
Refinement for Administrative Policies (2007)
Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on...
A model supporting Business Continuity auditing & planning in Information Systems (2007)
Zambon, Emmanuele, Bolzoni, D., Etalle, S., Salvato, M.
One of the main tasks of IT business continuity planning (BCP) is to guarantee that incidents affecting the IT infrastructure do not affect the availability of IT-dependent business processes beyond...
ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems (2007)
Bolzoni, D., Crispo, B., Etalle, S.
We present an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and automatic)...
Trust and Punishment (Invited paper) (2007)
Etalle, S., Den Hartog, J.I., Marsh, S.
In recent years we have witnessed a great increase in the interest in Trust Management (TM) techniques both from the industrial and the academic sectors. The booming research has also determined a...
Dekker, M.A.C., Etalle, S., Den Hartog, J.I.
Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In...
Model-Based Mitigation of Availability Risks (2007)
Zambon, Emmanuele, Bolzoni, D., Etalle, S., Salvato, M.
The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk...
A model supporting Business Continuity auditing & planning in Information Systems (2007)
Zambon, Emmanuele, Bolzoni, D., Etalle, S., Salvato, M.
One of the main tasks of IT business continuity planing (BCP) is guaranteeing that incidents affecting the IT infrastructure do not affect the availability of IT-dependent business processes beyond a...
Audit-based compliance control (2007)
Cederquist, J.G., Corin, R.J., Dekker, M.A.C., Etalle, S., Den Hartog, J.I., Lenzini, G.
In this paper we introduce a new framework for controlling compliance to discretionary access control policies [Cederquist et al. in Proceedings of the International Workshop on Policies for...
We propose CoreTuLiP - the core of a trust management language based on Logic Programming. CoreTuLiP is based on a subset of moded logic programming, but enjoys the features of TM languages such as...
Etalle, S., Massacci, F., Yautsiukhin, A.
While logging events is becoming increasingly common in computing, in communication and in collaborative work, log systems need to satisfy increasingly challenging (if not conflicting)...
RBAC Administration in Distributed Systems (2007)
Dekker, M.A.C., Crampton, J., Etalle, S.
Despite a large body of literature on the administration of RBAC policies in centralized systems, the problem of the administration of a distributed system has hardly been addressed. We present a...
A Posteriori Compliance Control (2007)
While preventative policy enforcement mechanisms can provide theoretical guarantees that policy is correctly enforced, they have limitations in practice. They are inflexible when unanticipated...
Model-Based Mitigation of Availability Risks (2007)
Zambon, Emmanuele, Bolzoni, D., Etalle, S., Salvato, M.
The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk...
Audit-Based Access Control for Electronic Health Records (2006)
Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e.before granting a request for a document. There are scenarios however where the security decision can not...
LicenseScript: A Logical Language for Digital Rights Management (2006)
Chong, C.N., Corin, R.J., Doumen, J.M., Etalle, S., Hartel, P.H., Law, Y.W., ...
We propose LicenseScript, a language for digital rights management (DRM) based on multiset rewriting and logic programming. LicenseScript enjoys a precise syntax and semantics, and it is rich enough...
Delzanno, G., Etalle, S., Gabbrielli, M.
This special issue is inspired by the homonymous ICLP workshops that took place during ICLP 2001 and ICLP 2002. Extending and shifting slightly from the scope of their predecessors (on verification...
Poseidon: a 2-tier Anomaly-based Network Intrusion Detection System (2006)
Bolzoni, D., Zambon, Emmanuele, Etalle, S., Hartel, P.H.
We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the...
A Logic for Constraint-based Security Protocol Analysis (2006)
Corin, R.J., Saptawijaya, A., Etalle, S.
We propose PS-LTL, a pure-past security linear temporal logic that allows the specification of a variety of authentication, secrecy and data freshness properties. Furthermore, we present a sound and...
The Audit Logic: Policy Compliance in Distributed Systems (2006)
Cederquist, J.G., Corin, R.J., Dekker, M.A.C., Etalle, S., Den Hartog, J.I., Lenzini, G.
We present a distributed framework where agents can share data along with usage policies. We use an expressive policy language including conditions, obligations and delegation. Our framework also...
Privacy in an Ambient World (2006)
Dekker, M.A.C., Etalle, S., Den Hartog, J.I.
Privacy is a prime concern in today's information society. To protect the privacy of individuals, enterprises must follow certain privacy practices, while collecting or processing personal data. In...
APHRODITE: an Anomaly-based Architecture for False Positive Reduction (2006)
We present APHRODITE, an architecture designed to reduce false positives in network intrusion detection systems. APHRODITE works by detecting anomalies in the output traffic, and by correlating them...
Extended Privilege Inheritance in RBAC (2006)
Dekker, M.A.C., Cederquist, J.G., Crampton, J., Etalle, S.
In existing RBAC literature, administrative privileges are inherited just like ordinary user privileges. We argue that from a security viewpoint this is too restrictive, and we believe that a more...
Audit-Based Access Control for Electronic Health Records (2006)
Traditional access control mechanisms aim to prevent illegal actions a-priori occurrence, i.e. before granting a request for a document. There are scenarios however where the security decision can...
Extended Privilege Inheritance in RBAC (2006)
Dekker, M.A.C., Cederquist, J.G., Crampton, J., Etalle, S.
In existing RBAC literature, administrative privileges are inherited just like ordinary user privileges. We argue that from a security viewpoint this is too restrictive, and we believe that a more...
Audit-based Access Control in de Zorg (2006)
Dekker, M.A.C., Veugen, P.J.M., Etalle, S.
Traditioneel staan in de informatiebeveiliging vertrouwelijkheid en beschikbaarheid van informatie op een gespannen voet. Grofweg geldt dat hoe meer maatregelen worden genomen om informatie af te...
Timed Analysis of Security Protocols (2005)
Corin, R., Etalle, S., Hartel, P.H., Mader, A.
We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol,...
An audit logic for accountability (2005)
J. G. Cederquist, R. Corin, S. Etalle
We describe and implement a policy language. In our system, agents can distribute data along with usage policies in a decentralized architecture. Our language supports the specification of conditions...
An audit logic for accountability (2005)
J. G. Cederquist, R. Corin, S. Etalle
We describe a policy language and implement its associated proof checking system. In our system, agents can distribute data along with usage policies in a decentralized architecture. Our language...
Timed Model Checking of Security Protocols (2004)
Corin, R., Etalle, S., Hartel, P.H., Mader, A.
We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol....
A logic for auditing accountability in decentralized systems (2004)
R. Corin, S. Etalle, J. Den Hartog, G. Lenzini, I. Staicu
Abstract. We propose a language that allows agents to distribute data with usage policies in a decentralized architecture. In our framework, the compliance with usage policies is not enforced....
Modelling mobility aspects of security policies (Invited paper) (2004)
Hartel, P.H., Etalle, S., Wieringa, R.J.
Security policies are rules that constrain the behaviour of a system. Different, largely unrelated sets of rules typically govern the physical and logical worlds. However, increased hardware and...
On Modelling Real-time and Security properties of Distributed Systems (Extended Abstract) (2003)
Corin, R.J., Etalle, S., Hartel, P.H., Mader, A.H.
We discuss a simplified version of the timing attack to illustrate a connection between security and real-time properties of distributed systems. We suggest several avenues for further research on...
Assessing Security-Critical Energy-Efficient Sensor Networks (2002)
Law, Y.W., Dulman, S., Etalle, S., Havinga, P.
In the EYES project (http://eyes.eu.org), we are investigating self-organizing, collaborative, energy-efficient sensor networks. This study is devoted to the security aspects of the project. Our...
Key Management with Group-Wise Pre-Deployed Keying and Secret Sharing Pre-Deployed Keying (2002)
Law, Y.W., Etalle, S., Hartel, P.H.
In wireless sensor networks, the key deployment problem has received little attention, whereas it is in fact fundamental, heavily involving crucial (scarce) resources of ad-hoc networks, such as...
Termination of well-moded programs (1999)
Etalle, S., Bossi, A., Cocco, N.
We study the termination properties of well-moded programs, and we show that, under suitable conditions, for these programs there exists an algebraic characterization-in the style of Apt and...
Declarative solutions to partitioned-grid problems (1999)
Etalle, S., Hartel, P.H., Vree, W.G.
The problem of partitioning grid-based applications for parallel computing can be solved easily and intuitively in a logic programming language such as Prolog, using only the single assignment...
Properties of Input-Consuming Derivations (1999)
We study the properties of input-consuming derivations of moded logic programs. Input-consuming derivations do not employ a fixed selection rule, and can be used to model the behavior of logic...
Properties of Input-Consuming Derivations (1999)
We study the properties of input-consuming derivations of moded logic programs. Input-consuming derivations do not employ a xed selection rule, and can be used to model the behavior of logic programs...
Termination of Well-Moded Programs (1998)
Etalle Bossi Cocco, S. Etalle, A. Bossi, N. Cocco
this paper we prove that, for a large class of programs, namely the class of well-moded programs, we can combine the advantages of both approaches. In fact, well-moded programs allow us to make the...
Well-Terminating Programs (1998)
this paper we make explicit this dependency on the input while following the approach of [AP90], since we want to have a characterization for such a class of programs. In order to represent our...
Well-Terminating Programs (1998)
this paper we make explicit this dependency on the input while following the approach of [AP90], since we want to have a characterization for such a class of programs. In order to represent our...
Simultaneous replacement in normal programs (1996)
A. Bossi, N. Cocco, S. Etalle, Annalisa Bossi, Nicoletta Cocco, Sandro Etalle
The simultaneous replacement transformation operation, is here defined and studied wrt normal programs. We give applicability conditions able to ensure the correctness of the operation wrt the set of...
Simultaneous replacement in normal programs (1996)
The simultaneous replacement transformation operation, is here defined and studied wrt normal programs. We give applicability conditions able to ensure the correctness of the operation wrt the set of...
Transforming Acyclic Programs (1994)
A. Bossi, S. Etalle, Annalisa Bossi, Sandro Etalle
An Unfold/Fold transformation system is a source-to-source rewriting methodology devised to improve the efficiency of a program. Any such transformation should preserve the main properties of the...
On the unification free Prolog programs (1993)
K. R. Apt, S. Etalle, Krzysztof R. Apt, Sandro Etalle
We provide simple conditions which allow us to conclude that in case of several well-known Prolog programs the unification algorithm can be replaced by iterated matching. The main tools used here are...