The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
An authorization model for temporal and derived data: securing information portals
ACM Transactions on Information and System Security (TISSEC)
A note on the anatomy of federation
BT Technology Journal
Solving Non-Boolean Satisfiability Problems with Stochastic Local Search: A Comparison of Encodings
Journal of Automated Reasoning
Coordinating access control in grid services
Concurrency and Computation: Practice & Experience - Middleware for Grid Computing: Future Trends (MGC2006)
PERMIS: a modular authorization infrastructure
Concurrency and Computation: Practice & Experience - UK e-Science All Hands Meeting 2006
Scalable authorization middleware for service oriented architectures
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Toward efficient and confidentiality-aware federation of access control policies
Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing
Introducing concurrency in policy-based access control
Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing
Hi-index | 0.00 |
For large distributed applications, security and performance are two requirements often difficult to satisfy together. Addressing them separately leads more often to fast systems with security holes, rather than secure systems with poor performance. For instance, caching data needed for security decisions can lead to security violations when the data changes faster than the cache can refresh it. Retrieving such fresh data without caching it impacts performance. In this paper, we analyze a subproblem: how to dynamically configure a distributed authorization system when both security and performance requirements change. We examine data caching, retrieval and correlation, and propose a runtime management tool that, with external input, finds and enacts the customizations that satisfy both security and performance needs. Preliminary results show it takes around two seconds to find customization solutions in a setting with over one thousand authorization components.