DeRef: a privacy-preserving defense mechanism against request forgery attacks.

January 2011

Fung, Siu Yuen. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2011. / Includes bibliographical references (p. 58-63). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Background and Related Work --- p.7 / Chapter 2.1 --- Request Forgery Attacks --- p.7 / Chapter 2.2 --- Current Defense Approaches --- p.10 / Chapter 2.3 --- Lessons Learned --- p.13 / Chapter 3 --- Design of DeRef --- p.15 / Chapter 3.1 --- Threat Model --- p.16 / Chapter 3.2 --- Fine-Grained Access Control --- p.18 / Chapter 3.3 --- Two-Phase Privacy-Preserving Checking --- p.24 / Chapter 3.4 --- Putting It All Together --- p.29 / Chapter 3.5 --- Implementation --- p.33 / Chapter 4 --- Deployment Case Studies --- p.36 / Chapter 4.1 --- WordPress --- p.37 / Chapter 4.2 --- Joomla! and Drupal --- p.42 / Chapter 5 --- Evaluation --- p.44 / Chapter 5.1 --- Performance Overhead of DeRef in Real Deployment --- p.45 / Chapter 5.2 --- Performance Overhead of DeRef with Various Configurations --- p.50 / Chapter 6 --- Conclusions --- p.56 / Bibliography --- p.58

Internet--Security measures

Data protection

Database security

Towards the development of a defensive cyber damage and mission impact methodology

Fortson, Larry W.,

January 1900

Thesis (M.S.)--Air Force Institute of Technology, 2007. / AFIT/GIR/ENV/07-M9. Title from title page of PDF document (viewed on: Nov. 29, 2007). "March 2007." Includes bibliographical references (leaves 226-237).

Vulnerability assessment of Java bytecode

Shah, Rahul Arvind..

January 2005

Thesis(M.S.)--Auburn University, 2005. / Abstract. Vita. Includes bibliographic references.

Methods of detecting intrusions in security protocols

Sherwood, Robert William. Burmester, Mike.

January 2004

Thesis (M. S.)--Florida State University, 2004. / Advisor: Dr. Mike Burmester, Florida State University, College of Arts and Sciences, Dept. of Computer Science. Title and description from dissertation home page (viewed Jan. 18, 2005). Includes bibliographical references.

Trust negotiation for open database access control /

Porter, Paul A.,

January 2006

Thesis (M.S.)--Brigham Young University. Dept. of Computer Science, 2006. / Includes bibliographical references (p. 41-44).

An audit perspective of data quality

Ramabulana, Territon

20 November 2014

M.Com. (Computer Auditing) / Please refer to full text to view abstract

Database management

Database security

Auditing - Data processing

A critical review of the IFIP TC11 Security Conference Series

Gaadingwe, Tshepo Gaadingwe

January 2007

Over the past few decades the field of computing has grown and evolved. In this time, information security research has experienced the same type of growth. The increase in importance and interest in information security research is reflected by the sheer number of research efforts being produced by different type of organizations around the world. One such organization is the International Federation for Information Processing (IFIP), more specifically the IFIP Technical Committee 11 (IFIP TC11). The IFIP TC11 community has had a rich history in producing high quality information security specific articles for over 20 years now. Therefore, IFIP TC11 found it necessary to reflect on this history, mainly to try and discover where it came from and where it may be going. Its 20th anniversary of its main conference presented an opportunity to begin such a study of its history. The core belief driving the study being that the future can only be realized and appreciated if the past is well understood. The main area of interest was to find out topics which may have had prevalence in the past or could be considered as "hot" topics. To achieve this, the author developed a systematic process for the study. The underpinning element being the creation of a classification scheme which was used to aid the analysis of the IFIP TC11 20 year's worth of articles. Major themes were identified and trends in the series highlighted. Further discussion and reflection on these trends were given. It was found that, not surprisingly, the series covered a wide variety of topics in the 20 years. However, it was discovered that there has been a notable move towards technically focused papers. Furthermore, topics such as business continuity had just about disappeared in the series while topics which are related to networking and cryptography continue to gain more prevalence.

Database security

Data protection

Computers -- Access control

Packaged software : security and controls audit review

Van Heerden, Chris

15 September 2015

M.Com. / In recent years large organisations that developed mainframe application software in-house are now purchasing software packages to replace these applications. These advanced packages incorporate a high level of integration and include security and control features to ensure that the integrity of input, processing, output and storage are maintained. Computer auditors are required to evaluate these advanced packaged software to ensure that the security and control features are adequate and comply with organisational standards. Furthermore, they must ensure that the integrity of information systems programs and data are maintained ...

Auditing - Data processing

Software protection

Database security

Anti-Tamper Databases: Querying Encrypted Databases

Chung, Sun S.

09 January 2006

No description available.

Database Security,

Querying Encrypted Databases,

Database Encryption

Logic programming based formal representations for authorization and security protocols

Wang, Shujing, University of Western Sydney, College of Health and Science, School of Computing and Mathematics

January 2008

Logic programming with answer set semantics has been considered appealing rule-based formalism language and applied in information security areas. In this thesis, we investigate the problems of authorization in distributed environments and security protocol verification and update. Authorization decisions are required in large-scale distributed environments, such as electronic commerce, remote resource sharing, etc. We adopt the trust management approach, in which authorization is viewed as a ‘proof of compliance" problem. We develop an authorization language AL with non-monotonic feature as the policy and credential specification language, which can express delegation with depth control, complex subject structures, both positive and negative authorizations, and separation of duty concepts. The theoretical foundation for language AL is the answer set semantics of logic programming. We transform AL to logic programs and the authorization decisions are based on answer sets of the programs. We also explore the tractable subclasses of language AL. We implement a fine grained access control prototype system for XML resources, in which the language AL¤ simplified from AL is the policy and credential specification language. We define XPolicy, the XML format of AL¤, which is a DTD for the XML policy documents. The semantics of the policy is based on the semantics of language AL. The system is implemented using Java programming. We investigate the security protocol verification problem in provable security approach. Based on logic programming with answer set semantics, we develop a unified framework for security protocol verification and update, which integrates protocol specification, verification and update. The update model is defined using forgetting techniques in logic programming. Through a case study protocol, we demonstrate an application of our approach. / Doctor of Philosophy (PhD)

computer security

computer networks

database security

logic programming