Requirements-Based Access Control Analysis and Policy Specification

He, Qingfeng

15 August 2005

Access control is a mechanism for achieving confidentiality and integrity in software systems. Access control policies (ACPs) define how access is managed and the high-level rules of who can access what information under certain conditions. Traditionally, access control policies have been specified in an ad-hoc manner, leaving systems vulnerable to security breaches. ACP specification is often isolated from requirements analysis, resulting in policies that are not in compliance with system requirements. This dissertation introduces the Requirements-based Access Control Analysis and Policy Specification (ReCAPS) method for deriving access control policies from various sources, including software requirements specifications (SRS), software designs, and high-level security/privacy policies. The ReCAPS method is essentially an analysis method supported by a set of heuristics and a software tool: the Security and Privacy Requirements Analysis Tool (SPRAT). The method was developed in two formative case studies and validated in two summative case studies. All four case studies involved operational systems, and ReCAPS evolved as a result of the lessons learned from applying the method to these case studies. Further validation of the method was performed via an empirical study to evaluate the usefulness and effectiveness of the approach. Results from these evaluations indicate that the process and heuristics provided by the ReCAPS method are useful for specifying database-level and application-level ACPs. Additionally, ReCAPS integrates policy specification into software development, thus providing a basic framework for ensuring compliance between different levels of policies, system requirements and software design. The method also improves the quality of requirements specifications and system designs by clarifying ambiguities and resolving conflicts across these artifacts.

Computer Science

Analyzing Security Attacks to Generate Signatures from Vulnerable Architectural Patterns

Gegick, Michael

24 August 2004

Current techniques for software security vulnerability identification include the use of abstract, graph-based models to represent information about an attack. These models can be in the form of attack trees or attack nets and can be accompanied with a supporting text-based profile. Matching the abstract models to specific system architectures for effective vulnerability identification can be a challenging process. This thesis suggests that abstract regular expressions can be used to represent events of known attacks for the identification of security vulnerabilities in future applications. The process of matching the events in the regular expression to a sequence of components in a system design may facilitate the means of identifying vulnerabilities. Performing the approach in the design phase of a software process encourages security to be integrated early into a software application. Students in an undergraduate security course demonstrated a strong ability to accurately match regular expressions to a system design. The identification of vulnerabilities is limited to known attacks of other systems and does not offer descriptions of what new attacks are possible to a future application. Extending the approach to incorporate new attacks is an avenue of future work.

Computer Science

Real-time Photorealistic Stereoscopic Rendering of Fire

Rose, Benjamin Michael

29 November 2007

We propose a method for real-time photorealistic stereo rendering of the natural phenomenon of fire. Applications include the use of virtual reality in fire fighting, military training, and entertainment. Rendering fire in real-time presents a challenge because of the transparency and non-static fluid-like behavior of fire. It is well known that, in general, methods that are effective for monoscopic rendering are not necessarily easily extended to stereo rendering because monoscopic methods often do not provide the depth information necessary to produce the parallax required for binocular disparity in stereoscopic rendering. We investigate the existing techniques used for monoscopic rendering of fire and discuss their suitability for extension to real-time stereo rendering. Methods include the use of precomputed textures, dynamic generation of textures, and rendering models resulting from the approximation of solutions of fluid dynamics equations through the use of ray-tracing algorithms. We have found that in order to attain real-time frame rates, our method based on billboarding is effective. Slicing is used to simulate depth. Texture mapping or 2D images are mapped onto polygons and alpha blending is used to treat transparency. We can use video recordings or pre-rendered high-quality images of fire as textures to attain photorealistic stereo.

Computer Science

Concurrency control in distributed caching.

Dev, Kashinath

29 November 2005

Replication and caching strategies are increasingly being used to improve performance and reduce delays in distributed environments. A query can be answered more quickly by accessing a cached copy than making a database round trip. Numerous techniques have been proposed to achieve caching and replication in various contexts. In our context of flat cluster-based networks, we have observed that none of the schemes prove to be optimal for all scenarios. In this thesis we look at concurrency control techniques for achieving consistency in distributed caching in flat cluster-based networks. We then come up with heuristics to choose some concurrency control mechanisms over others, depending on the parameters such as the number of data requests and the ratio of read to write requests.

Computer Science

Intelligent Context-Sensitive Help for Dynamic User and Environment Contexts

Ramachandran, Ashwin

29 October 2004

The problem of providing help for complex application interfaces has been a source of interest for a number of researcher efforts. As the computational power of computers increases, typical applications not only increase in functionality but also in the degree of interaction with the computational environment in which they reside. There are powerful software tools available today used for both specialized and non-specialized tasks that are often used by novice users who attempt tasks without significant training or knowledge of the application?s interface. These kinds of applications are diverse and complicated in the variety of functionality they provide, often interacting with other applications on the user?s system. With current platforms (Windows, Macintosh, Linux etc) providing extensive multi-tasking facilities, interaction with these applications is sometimes affected by the context of the environment itself (e.g., application windows being minimized, maximized or obscured by those of other applications). The interdependencies between applications and their environments increase the difficulty of providing effective context-sensitive help when building an application?s help documentation. The purpose of this research is to create an Intelligent Help System, which incorporates these interactions and affecting factors when providing help. The SmartAidè system, which was developed as part of this effort, works on the premise that the user has a goal when interacting with the application. This document will provide a detailed overview of the architecture of the system along with the underlying design decisions. The system was then evaluated against traditional application help documentation to test its effectiveness. The results and analysis of this evaluation have been enumerated.

Computer Science

A Task-based Framework for the Quantitative Evaluation of Input Devices

Dulberg, Martin S.

29 October 2003

This research describes the development of a conceptual framework and methodology that will permit the evaluation of input devices in graphical user interfaces in a more meaningful context than previous studies. We provide a procedure for the reuse of performance characteristics in expanded domains. Individual performance differences are analyzed and their implications for current evaluation methods are discussed. We have built an interactive simulation for domain-independent testing of the suitability of different input devices for specific tasks, based on the demand characteristics of the task and the performance characteristics of the device. The simulation will allow researchers and practitioners to evaluate the suitability of particular input devices in a given user interface with a severely restricted role for usability testing. Using the system, it will be possible to select a device based upon optimal task completion time or estimated error rate. The role of inter-task transition times is explored. A methodology for prediction of performance with the use of execution graphs is described.

Computer Science

Using Grammatical Evolution Decision Trees for Detecting Gene-Gene Interactions in Genetic Epidemiology

Deodhar, Sushamna Shriniwas

30 November 2009

A major goal of human genetics is the discovery and validation of genetic polymorphisms that predict common, complex diseases. It is hypothesized that complex diseases are due to a myriad of factors including environmental exposures and complex genetic models. This etiological complexity, coupled with rapid advances in genotyping technology present enormous theoretical and practical concerns for statistical and computational analysis. Specifically, the challenge presented by epistasis, or gene-gene interactions, has sparked the development of a multitude of statistical techniques over the years. Subsequently, pattern matching and machine learning approaches have been explored to overcome the limitations of traditional computational methods. Grammatical Evolution Neural Networks (GENN) uses grammatical evolution to optimize neural network architectures and better detect and analyze gene-gene interactions. Motivated by good results shown by GENN to identify epistasis in complex datasets, we have developed a new method of Grammatical Evolution Decision Trees (GEDT). GEDT replaces the black-box approach of neural networks with the white-box approach of decision trees improving understandability and interpretability. We provide a detailed technical understanding of coupling Grammatical Evolution with Decision Tress using Backus Naur Form (BNF) grammar. Further, the GEDT system has been analyzed for power results on simulated datasets. Finally, we show the results of using GEDT on two different epistatis models and discuss the direction it would take in the future.

Computer Science

Plan Recognition as Candidate Space Search

Kumaran, Vikram

06 December 2006

Effective human computer interaction is enhanced by a machine?s ability to make educated guesses about the intention of its user. In our research, we have developed a novel plan recognition algorithm ? based on plan space search planners ? to recognize plans given a limited set of observed actions. Our focus in this research is towards accurately picking possible plans and not towards disambiguation or building plan libraries and therefore we complement other advances in this field, namely probability based recognition and other plan library based recognition systems. Along with the ability to recognize overall goal of an agent our algorithm also allows us to make local predictions, a feature absent in most of the other system.

Computer Science

Proactive Mediation in Plan-Based Narrative Environments

Harris, Justin Tucker

02 November 2005

In interactive plan-based narrative environments, user's actions must be monitored to ensure that conditions necessary for the execution of narrative plans are not compromised. In the Zocalo system, management of user actions is performed on a reactionary basis by a process called mediation. In this thesis, an extension to this approach, proactive mediation, is described, which calculates responses to user input in an anticipatory manner. A proactive mediation module accepts as input a plan describing the actions being performed by the user (generated by a plan recognition system) and identifies portions of that plan that jeopardize the causal structure of the overall narrative. Once these portions are identified, proactive mediation generates modifications to the narrative plan structure that avoid the unwanted interaction between user and story. This extension to the original mediation algorithm provides more responses to a user's actions and generates responses that are more tailored to the user's actions.

Computer Science

The Directional p-Median Problem with Applications to Traffic Quantization and Multiprocessor Scheduling

Jackson, Laura Elizabeth

20 November 2003

An instance of a p-median problem gives n demand points. The objective is to locate p supply points in order to minimize the total distance of the demand points to their nearest supply point. P-median is polynomially solvable in one dimension but NP-hard in two or more dimensions, when either the Euclidean or the rectilinear distance measure is used. In this thesis, we treat the p-median problem under a new distance measure, the directional rectilinear distance, which requires the nearest supply point for a given demand point to lie above and to the right of it. This restriction has applications to multiprocessor scheduling of periodic tasks as well as to traffic quantization and Quality of Service scheduling in packet-switched computer networks. We show that the directional p-median problem is polynomially solvable in one dimension and give two algorithms. We prove the problem NP-hard in two or more dimensions and then present an efficient heuristic to solve it. Compared to the robust Teitz and Bart heuristic for p-median, our heuristic enjoys substantial speedup while sacrificing little in terms of solution quality, making it an ideal choice for our target applications with thousands of demand points.

Computer Science