Günther Pernul

A Pattern System for Access Control

In order to develop trustworthy information systems, security aspects should be considered from the early project stages. This is particularly true for authorization and access control services, which decide which users can access which parts of the system and in what ways. Software patterns have been used with success to encapsulate best practices in software design. A good collection of patterns is an invaluable aid in designing new systems by inexperienced developers and is also useful to teach and understand difficult problems. Following in this direction, this paper presents a pattern system to describe authorization and access control models. First, we present a set of patterns that include a basic authorization pattern that is the basis for patterns for the well-established discretionary and role-based access control models. Metadata access control models have appeared recently to address the high flexibility requirements of open, heterogeneous systems, such as enterprise or e-commerce portals. These models are complex and we use the basic patterns to develop a set of patterns for metadata-based access control.

Towards OLAP security design — survey and research issues

With the use of data warehousing and online analytical processing (OLAP) for decision support applications new security issues arise. The goal of this paper is to introduce an OLAP security design methodology, pointing out fields that require further research work. We present possible access control requirements categorized by their complexity. OLAP security mechanisms and their implementations in commercial systems are presented and checked for their suitability to address the requirements. Traditionally data warehouses were queried by high level users (executive management, business analysts) only. As the range of potential users with data warehouse access is steadily growing, this assumption is no longer appropriate and the necessity of proper access control mechanisms arises. However, a data warehouse is primarily built as an open system. Especially exploratory OLAP analysis requires this open nature; security controls may hinder the analytical discovery process.

Viewing business-process security from different perspectives

Security and integrity are crucial success factors in electronic commerce. This paper offers a framework that includes the security and integrity requirements of business processes in business process execution. An important part of the framework is the modeling and refinement of security and integrity requirements. High-level security requirements of business processes are viewed from five different perspectives. The tasks involved in the different perspectives are described, and the modeling of security requirements is outlined by focusing on the example of the legal binding of contracts.

A Pragmatic Approach to Conceptual Modeling of OLAP Security

Traditionally data warehouses were queried by high level users (executive management, business analysts) only. As the range of potential users with data warehouse access is steadily growing, this assumption is no longer appropriate and the necessity of proper access control mechanisms arises. The security capabilities of available commercial OLAP systems are highly proprietary and the syntax of their security constraints is not suitable for design and documentation purposes. Also, approaches trying to derive the access control policies from the operational data sources have not been very successful, as the relational model is predominate in operational systems while OLAP systems make use of the non-traditional multidimensional model. Access control schemes do not map easily. We approach the issue from the application side by introducing a methodology and a language for conceptual OLAP security design.

Ontology-based integration of OLAP and information retrieval

This paper describes an ontology-based approach for building an enterprise knowledge portal that integrates OLAP and information retrieval functionality to access both structured data stored in a data warehouse and unstructured data in form of documents. We discuss how to perform global searches over these information sources. In addition, our approach provides adaptive searching by tracking the user context. When a user performs ad-hoc navigation in an OLAP report, the system will be able to use the query context information to also search for relevant documents.

Public Key Infrastructures, Services and Applications

Secret handshake (SH) schemes enable two members who belong to the same group to authenticate each other in a way that hides their affiliation to that group from all others. In previous works, the group authority (GA) has the ability to reveal the identity (ID) of a handshake player who belongs to his group. In this paper, we focus first on the classification of traceability of GA. We classify this feature as follows: (i) GA of G is able to reveal IDs of members belonging to G by using a transcript of a handshake protocol; (ii) GA of G is able to confirm whether handshake players belong to G or not by using a transcript of a handshake protocol. In some situations, only the latter capability is needed. So, we consider a SH that GA has only an ability to confirm whether a handshake player belongs to his own group without revealing his ID. Thus, we introduce a SH scheme with request-based-revealing (SHRBR). In SHRBR, GA can check whether handshake players belong to the own group without revealing a member ID. After a handshake player A executes a handshake protocol with B, if A wants to reveal a handshake partner (in this case B), A requests GA to reveal a handshake partner’s ID by bringing forth his own ID and secret information. We define the security requirements for SHRBR and propose a concrete SHRBR in the random oracle model.

Trust, privacy and security in e-business: requirements and solutions

An important aspect of e-business is the area of e-commerce. One of the most severe restraining factors for the proliferation of e-commerce, is the lack of trust between customers and sellers, consumer privacy concerns and the lack of security measures required to assure both businesses and customers that their business relationship and transactions will be carried out in privacy, correctly, and timely. This paper considers trust privacy and security issues in e-commerce applications and discusses methods and technologies that can be used to fulfil the pertinent requirements.

Why have public key infrastructures failed so far

Purpose – To overview and discuss the technical, economical, legal, and social reasons why public key infrastructures (PKIs) have failed so far, summarizing the lessons learned, and giving expectations about the future development of the field.Design/methodology/approach – A detailed analysis of the developments in the PKI field, pointing out the achievements so far and the issues that still remain unsolved.Findings – The possible reasons for the failure of PKI technology.Originality/value – Identifies and analyses the problems of PKIs considering the different perspectives, i.e. not only the technical issues but also other issues like the economical, legal, and social issues that have also influenced the failure of PKIs.

Advances in Conceptual Modeling - Challenging Perspectives

CoMoL 2009 - Conceptual Modeling in the Large.- Preface to CoMoL 2009.- Semantic Service Design for Collaborative Business Processes in Internetworked Enterprises.- Algebraic Meta-structure Handling of Huge Database Schemata.- On Computing the Importance of Entity Types in Large Conceptual Schemas.- ETheCoM 2009 - First International Workshop on Evolving Theories of Conceptual Modelling.- Preface to ETheCoM 2009.- Invited Talks.- Is It Important to Explain a Theorem? A Case Study on UML and .- Towards a Theory of Conceptual Modelling.- Accepted Papers.- Assessing Modal Aspects of OntoUML Conceptual Models in Alloy.- First-Order Types and Redundant Relations in Relational Databases.- On Matrix Representations of Participation Constraints.- Toward Formal Semantics for Data and Schema Evolution in Data Stream Management Systems.- XML Machines.- FP-UML 2009 - Fifth International Workshop on Foundations and Practices of UML.- Preface to FP-UML 2009.- Dependability and Agent Modeling.- Applying AUML and UML 2 in the Multi-agent Systems Project.- A Collaborative Support Approach on UML Sequence Diagrams for Aspect-Oriented Software.- Applying a UML Extension to Build Use Cases Diagrams in a Secure Mobile Grid Application.- Semantics Representation and Tools.- The MP (Materialization Pattern) Model for Representing Math Educational Standards.- XMI2USE: A Tool for Transforming XMI to USE Specifications.- MOST-ONISW 2009 - The Joint International Workshop on Metamodels, Ontologies, Semantic Technologies, and Information Systems for the Semantic Web.- Preface to MOST-ONISW 2009.- Analysis Procedure for Validation of Domain Class Diagrams Based on Ontological Analysis.- Ontology for Imagistic Domains: Combining Textual and Pictorial Primitives.- Using a Foundational Ontology for Reengineering a Software Enterprise Ontology.- Multi-level Conceptual Modeling and OWL.- QoIS 2009 - The Fourth International Workshop on Quality of Information Systems.- Preface to QoIS 2009.- Assessment of Data Quality Factors.- Completeness in Databases with Maybe-Tuples.- Modeling, Measuring and Monitoring the Quality of Information.- Tools for Information System Quality Assessment.- Evaluating the Functionality of Conceptual Models.- Qbox-Services: Towards a Service-Oriented Quality Platform.- RIGiM 2009 - Third International Workshop on Requirements, Intentions and Goals in Conceptual Modeling.- Preface to RIGiM 2009.- Modelling.- A Comparison of Goal-Oriented Approaches to Model Software Product Lines Variability.- A Lightweight GRL Profile for i* Modeling.- Elicitation Issues.- From User Goals to Service Discovery and Composition.- ITGIM: An Intention-Driven Approach for Analyzing the IT Governance Requirements.- Adapting the i* Framework for Software Product Lines.- SECOGIS 2009 - Third International Workshop on Semantic and Conceptual Issues in Geographic Information Systems.- Preface to SeCoGIS 2009.- Foundational Aspects.- A New Point Access Method Based on Wavelet Trees.- A Reference System for Topological Relations between Compound Spatial Objects.- A Model for Geographic Knowledge Extraction on Web Documents.- Semantical Aspects.- A Semantic Approach to Describe Geospatial Resources.- An Ontology-Based Framework for Geographic Data Integration.- A Semantic Approach for the Modeling of Trajectories in Space and Time.

Modelling secure and fair electronic commerce

Security and fairness in business transactions are basic requirements demanded by any participant in electronic markets. We propose COPS as an infrastructure for building adaptable electronic markets with main focus on security and fairness and MOSS as a methodology for analysing and modelling the security semantics of business transactions. Both are necessary to control the risks involved in dealing (trading) with untrusted parties in an open electronic commerce environment. We address the phases information, negotiation and execution of a business transaction and discuss security requirements which in the past were recognised as being very important for electronic market participants but had only received limited or little attention in the electronic commerce research community.