Transition to Practice

Attributed-based obligatory access control is a new access control paradigm for achieving fine-grained authorization and assured system accountability. However, access control and obligation policies can be implemented incorrectly for various reasons, such as programming errors and misunderstanding about the policies. It is important to reveal discrepancy between the policy specification and the actual system implementation. The objective of this ?Transition To Practice?

Third-party hardware Intellectual Property (IP), written as code in a Hardware Description Language (HDL), is extensively used in modern integrated circuits. Contemporary electronics typically include 75% of third party hardware IP and only 25% in-house design to provide customization or a profit-making edge. Such extensive use of third-party hardware IP in both commercial and military applications raises security and trustworthiness concerns, especially in today's globalized market.

As the frequency and complexity of cyber attacks increase, approaches to create secure computing environments must look beyond technical barriers that protect from the outside to building a collaborative culture of cyber health from the inside. Use of online incentives have been shown to be an effective tool for enhancing an individual's engagement with a task.

Cloud computing has emerged as one of the most successful computing models in recent years. However, lack of accountability and non-compliance with data protection regulations have prevented major users such as business, healthcare, and defense organizations from utilizing clouds for sensitive data and applications. Due to the lack of information about cloud internals and the inability to perform trustworthy audits, today's clouds are often not used in regulated industries, preventing their widespread adoption.

Cloud computing allows users to delegate data and computation to cloud providers, at the cost of giving up physical control of their computing infrastructure. An attacker with physical access to the computing platform can perform various physical attacks, referred to as digital insertion and observation attacks, which include probing memory buses, tampering with memory, and cold-boot style attacks. While memory encryption can prevent direct leakage of data under digital observation, memory access patterns to even encrypted data may leak sensitive information.