Andreas Schaad, Karsten Sohr, Michael Drouineaud
Abstract: Demonstrating the safety of a system (ie. avoiding the undesired propagation of access rights or indirect access through some other granted resource) is one of the goals of access control...
Supporting Agile Development of Authorization Rules for SME Applications (2009)
Steffen Bartsch, Karsten Sohr, Carsten Bormann
Abstract. Custom SME applications for collaboration and workflow have become affordable when implemented as Web applications employing Agile methodologies. Security engineering is still difficult...
Implementing Advanced RBAC Administration Functionality with USE * (2009)
Tanveer Mustafa, Karsten Sohr, Duc-hanh Dang, Michael Drouineaud, Stefan Kowski, Jordi Cabot, ...
8 th International Workshop on
Enforcing Role-Based Access Control Policies in Web Services with UML and OCL (2009)
Karsten Sohr, Tanveer Mustafa, Xinyu Bao, Gail-joon Ahn
Role-based access control (RBAC) is a powerful means for laying out higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the...
Thomas Hollstein, Manfred Glesner, Tu Darmstadt, Ulrich Waldmann, Fraunhofer Sit Darmstadt, Henk Birkholz, ...
RFID technology is an emerging market with a wide spectrum of application domains. The introduction of RFID systems in industrial manufacturing has already been taken up more than ten years ago....
A Role based Access Control Model for Agent based Control Systems (2009)
Michael Drouineaud, Arndt Lüder, Karsten Sohr
Abstract — The spreading of Ethernet TCP/IP protocol suite based communication in automation systems has raised new questions concerning data consistency and security. This paper introduces...
Michael Drouineaud, Karsten Sohr
ORKA is funded by the German Ministry of Education and Research (BMBF) as part of its Software Engineering 2006 programme. c ○ 2006 ORKA Consortium Internal document information: $Id:...
Analyzing and Managing Role-Based Access Control Policies (2008)
Karsten Sohr, Michael Drouineaud, Gail-joon Ahn, Martin Gogolla
Today more and more security-relevant data is stored on computer systems; security-critical business processes are mapped to their digital counterparts. This situation applies to various domains such...
covering dynamic separation (2007)
Till Mossakowski, Michael Drouineaud, Karsten Sohr
A temporal-logic extension
Specification and validation of authorisation constraints using UML and OCL (2005)
Karsten Sohr, Gail-joon Ahn, Martin Gogolla, Lars Migge
Abstract. Authorisation constraints can help the policy architect design and express higher-level security policies for organisations such as financial institutes or governmental agencies. Although...
Die Sicherheitsaspekte von mobilem Code [Elektronische Ressource] / (2001)
Marburg, Universiẗat, Diss., 2001.