Mukhtiar Memon

Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet

This contribution gives an overview of various access control strategies in use in healthcare scenarios and shows how a variety of policies can be modeled based on a single security policy model for usage control, UCON. The core of this contribution consists of the specialization of the Sectet -Framework for Model Driven Security for complex healthcare scenarios based on UCON. The resulting Domain Architecture comprises a Domain Specific Language for the modeling of policies with advanced security requirements, a target architecture for the enforcement of these policies and model-to-code transformations.

Security modeling for service-oriented systems using security pattern refinement approach

Security is one of the critical aspects of current systems, which are based on loosely coupled and technology-agnostic service-oriented architectures (SOA). Though SOA is the driving force for enterprises to open their ends for global business collaborations, nevertheless it evolves many challenges for modeling and enforcing security. One of the main problems for designing secure systems is the lack of consistent frameworks and methodologies for modeling security concerns. Traditional approaches consider security at the end of system development, which evolves inflexible and un-configurable systems, which are too difficult to maintain and manage. The other major problem with current approaches is that they assume pre-defined and hard-coded security patterns and mechanisms for secure system design. Whereas, the evolving SOA systems require configurable security to realize different security patterns and security policies in a variety of business scenarios. To solve these problems, it is necessary to model security concerns from the beginning of system modeling in a platform-independent way. This paper proposes a pattern refinement approach for security modeling to achieve configurable and declarative security, based on the principles of abstraction, refinement, separation-of-concerns and maintainability to achieve flexible configurations of SOA security. In the proposed approach, a Domain Expert defines abstract policies using common security vocabulary and a Security Expert models security with patterns and refines them for a target architecture in successive systematic refinements. Furthermore, it facilitates the transformation of abstract security models into executable security policies for the target platforms.

Cooperative space-time codes with network coding

Because of the gains like diversity, throughput, and the coverage extension provided by the multiple-input multiple-out (MIMO) systems, it has been part of the various wireless communications standards. However, to reap the benefits offered by MIMO systems in size-constrained nodes, used in wireless communications, has been a challenging issue. To address this challenge, cooperative communications has been introduced as an implementable way to exploit the multi-antenna (MIMO) gains in small size nodes. Various schemes or protocols have been devised to address the way by which cooperative communications actually takes place. In this article, we propose and investigate a novel scheme which provides a way to combine the benefits of space-time codes and network coding for cooperative communications. In this scheme, the cooperating users using space-time codes are assisted by the availability of a fixed relay node proposed for the future wireless networks. We compare our scheme with cooperative communications using Alamouti scheme and non-cooperative communications. With analytical results, we prove that the proposed scheme offers diversity gain of order three while cooperative communications using Alamouti scheme offers two and non-cooperative communications offers diversity order of one only. Moreover, the proposed relay assisted scheme outperforms by 15% in terms of multiplexing gain, the cooperative communications scheme being compared.