Biblio
Filters: Author is Shin, Michael [Clear All Filters]
.
2020. Security Fault Tolerance for Access Control. 2020 IEEE International Conference on Autonomic Computing and Self-Organizing Systems Companion (ACSOS-C). :212—217.
This paper describes an approach to the security fault tolerance of access control in which the security breaches of an access control are tolerated by means of a security fault tolerant (SFT) access control. Though an access control is securely designed and implemented, it can contain faults in development or be contaminated in operation. The threats to an access control are analyzed to identify possible security breaches. To tolerate the security breaches, an SFT access control is made to be semantically identical to an access control. Our approach is described using role-based access control (RBAC) and extended access control list (EACL). A healthcare system is used to demonstrate our approach.
.
2018. Identifying Security Spots for Data Integrity. 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). 02:462—467.
This paper describes an approach to detecting malicious code introduced by insiders, which can compromise the data integrity in a program. The approach identifies security spots in a program, which are either malicious code or benign code. Malicious code is detected by reviewing each security spot to determine whether it is malicious or benign. The integrity breach conditions (IBCs) for object-oriented programs are specified to identify security spots in the programs. The IBCs are specified by means of the concepts of coupling within an object or between objects. A prototype tool is developed to validate the approach with a case study.