security Archive

Reverse engineering of database security policies

Automatic extraction of security policies that generates an RBAC security model from an existing database by analyzing its dictionary, views, triggers,...

Enforcing access control with model transformations

Have you ever thought about using model transformations to specify and enforce access-control policies? Check how we do it

Analysis of Java EE Security Configurations (+slides)

Our work helps security experts to visualize, (automatically) analyse and manipulate web security access-control policies, specially for Java EE

Security in Java-based web applications – survey results

Definition of security policies is perceived as an important activity by developers, but at the same time they say it's complex and error prone. Read the full results

A short survey on security aspects in Java-based web applications – Help needed!

Help us (the researchers) to help you by answering this survey so that we can then target our security analysis algorithms to what you need!

Understanding firewall configurations: a vendor-independent access-control security model

Firewalls are a key element in network security. They are in charge of filtering the traffic

Access-control security metamodel for content management systems

Apart from this JSON paper in the main ICWE conference, AtlanMod is presenting the paper Towards

A model-driven approach for the extraction of network access-control policies

(work presented at MDsec’12 co-authored with Salvador Martínez, Joaquin García-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia and myself).  Network security