Explore chapters and articles related to this topic
Risk Management Framework of the U.S. Department of Defense and National Security
Published in Anna M. Doro-on, Handbook of Systems Engineering and Risk Management in Control Systems, Communication, Space Technology, Missile, Security and Defense Operations, 2023
The stand-alone IS and PIT systems are enclaves created with an authorization boundary to operate independently without other network connections and do not perform tasks outside the designated system. An enclave is a collection of ISs connected by one or more internal networks under the control of a single authority and security policy that may be structured by physical proximity or by function, independent of location (DCMA 2014). The stand-alone IS and PIT systems are built in single to several workstations or in interdependent subsystems with designated security control sets that can be tailored as authorized and with the AO’s approval. Additionally, they should often be distinctively characterized with details in the authorization documentation. Identical stand-alone IS and PIT systems normally have identical security control policies. They can be deployed at various locations with a designated authorization type. Authorization types make it possible to delineate an authorization, filter lists of objects, assign configuration and rule objects, or allow access to an associated set of objects.
Design of a Secure Infrastructure for Cognitive IoT Platforms and Applications
Published in Pethuru Raj, Anupama C. Raman, Harihara Subramanian, Cognitive Internet of Things, 2022
Pethuru Raj, Anupama C. Raman, Harihara Subramanian
Authorization is a process which ensures that a specific user has rights to perform only certain kinds of operations on a specific object. This is generally implemented by granting different types of permissions to different types of users based on their roles and the operations they are expected to perform as part of the role. Authorization of data is implemented using a component called access control list (ACL). ACL specifies different types of permissions for different users on different objects. These permissions are mapped and stored in the form of a table. The different types of permissions which are given for users are classified as the following:
Read only: The user has permission to only read the object. The user cannot delete or edit the object. These types of permissions are granted to staff who are not required to perform any alteration on the data.
Read and write: The user has permission to read and alter the object. These types of permissions are granted to authorities who have the overall authority and discretion to validate the rights and access permissions of other users.
Grid Security Architecture: Requirements, Fundamentals, Standards and Models
Published in Yang Xiao, Security in Distributed, Grid, Mobile, and Pervasive Computing, 2007
Jose L. Vivas, Javier Lopez, Jose A. Montenegro
Authorization and access control. Authorization is the process by which a subject is eventually allowed to access some resource. In grids local access mechanisms should be applied whenever possible, and the owner of a resource should be able to enforce local user authorization. Users also need a consistent way to get authorization to access grid resources across organizations. The first condition a user must meet in order to access the grid is that he is a member of the VO, but eventual roles played by the user or other attributes may also be taken into consideration. Authorization by identity is very common, but in a grid context resource owners may want to grant access based on, e.g., roles, group membership, credit worthiness, static or dynamic and context-based attributes. Confirmation that a user has the VO membership and the required roles and attributes must be possible to obtain.
A guideline to implement a CPS architecture in an SME
Published in Production & Manufacturing Research, 2023
Jean-Rémi Piat, Christophe Danjou, Bruno Agard, Robert Beauchemin
The authentication of a request can be basic, with a parameter in the form of an identifier and a password, or more complex with the use of a token delivered by the authorization system. The token-based authorization process includes authentication, which refers to the process of proving one’s identity; authorization, which refers to the function of specifying access rights to resources; and accounting, which refers to the process of measuring the consumption of resources in a service exchange (Kolluru et al., 2018). When a request is made, a token is issued to the client if it is registered in the authorization system; this token stores client information and a validity period. The token is then encrypted and can be used to access authorized resources as long as the consumption of resources does not exceed the validity threshold. As soon as the token is no longer valid, the system either provides the client with a new token or the server rejects the request and the client must resend the request.
Policy reconciliation for access control in dynamic cross-enterprise collaborations
Published in Enterprise Information Systems, 2018
D. Preuveneers, W. Joosen, E. Ilie-Zudor
Enterprises are turning to attribute-based access control (ABAC) policies to enforce authorization to their information systems and business applications because ABAC policies give them the flexibility they need to express authorization rights and entitlements (also known as permissions or access rights). Compared to traditional role-based access control (RBAC) that grants access based on the roles of the user, the main benefit of ABAC is a finer granularity of access control as it generalizes the role attribute of a user to any kind of attribute. As such, the advantages of ABAC policies are twofold: (1) attributes can describe any property of an entity (e.g. the user, information asset, context) that must be considered for authorization decisions, and (2) a policy-based access control approach defines and evaluates security rules separate from the core business logic, which makes such security policies easier to adapt to changing access control demands.
Symbiotic Organisms Search Optimization based Faster RCNN for Secure Data Storage in Cloud
Published in IETE Journal of Research, 2023
J. Thresa Jeniffer, A. Chandrasekar, S. Jothi
Decryption process: The decryption (decoding) process is a way of transforming ciphertext into plaintext. To decode data from the authorized customer, it necessitates a hidden or mystery key. Choose the cipher to decode data according to the mentioned process and after that, the state of plain content is estimated. The main role of this process is to secure the data from unauthorized officials. The proposed model demands access control reliant on attributes. The authorization model, the Attribute Dependent Access Management framework, analyzes the attributes to make access decisions. These attributes may even be a job start date, user location, etc. and they may be interconnected with each other or not.