Access and information flow control to secure mobile web service compositions in resource constrained environments
| dc.contributor.advisor | Kayem, Anne | en_ZA |
| dc.contributor.author | Maziya, Lwazi Enock | en_ZA |
| dc.date.accessioned | 2016-06-10T07:39:57Z | |
| dc.date.available | 2016-06-10T07:39:57Z | |
| dc.date.issued | 2015 | en_ZA |
| dc.description.abstract | The growing use of mobile web services such as electronic health records systems and applications like twitter, Facebook has increased interest in robust mechanisms for ensuring security for such information sharing services. Common security mechanisms such as access control and information flow control are either restrictive or weak in that they prevent applications from sharing data usefully, and/or allow private information leaks when used independently. Typically, when services are composed there is a resource that some or all of the services involved in the composition need to share. However, during service composition security problems arise because the resulting service is made up of different services from different security domains. A key issue that arises and that we address in this thesis is that of enforcing secure information flow control during service composition to prevent illegal access and propagation of information between the participating services. This thesis describes a model that combines access control and information flow control in one framework. We specifically consider a case study of an e-health service application, and consider how constraints like location and context dependencies impact on authentication and authorization. Furthermore, we consider how data sharing applications such as the e-health service application handle issues of unauthorized users and insecure propagation of information in resource constrained environments¹. Our framework addresses this issue of illegitimate information access and propagation by making use of the concept of program dependence graphs (PDGs). Program dependence graphs use path conditions as necessary conditions for secure information flow control. The advantage of this approach to securing information sharing is that, information is only propagated if the criteria for data sharing are verified. Our solution proposes or offers good performance, fast authentication taking into account bandwidth limitations. A security analysis shows the theoretical improvements our scheme offers. Results obtained confirm that the framework accommodates the CIA-triad (which is the confidentiality, integrity and availability model designed to guide policies of information security) of our work and can be used to motivate further research work in this field. | en_ZA |
| dc.identifier.apacitation | Maziya, L. E. (2015). <i>Access and information flow control to secure mobile web service compositions in resource constrained environments</i>. (Thesis). University of Cape Town ,Faculty of Science ,Department of Computer Science. Retrieved from http://hdl.handle.net/11427/20003 | en_ZA |
| dc.identifier.chicagocitation | Maziya, Lwazi Enock. <i>"Access and information flow control to secure mobile web service compositions in resource constrained environments."</i> Thesis., University of Cape Town ,Faculty of Science ,Department of Computer Science, 2015. http://hdl.handle.net/11427/20003 | en_ZA |
| dc.identifier.citation | Maziya, L. 2015. Access and information flow control to secure mobile web service compositions in resource constrained environments. University of Cape Town. | en_ZA |
| dc.identifier.ris | TY - Thesis / Dissertation AU - Maziya, Lwazi Enock AB - The growing use of mobile web services such as electronic health records systems and applications like twitter, Facebook has increased interest in robust mechanisms for ensuring security for such information sharing services. Common security mechanisms such as access control and information flow control are either restrictive or weak in that they prevent applications from sharing data usefully, and/or allow private information leaks when used independently. Typically, when services are composed there is a resource that some or all of the services involved in the composition need to share. However, during service composition security problems arise because the resulting service is made up of different services from different security domains. A key issue that arises and that we address in this thesis is that of enforcing secure information flow control during service composition to prevent illegal access and propagation of information between the participating services. This thesis describes a model that combines access control and information flow control in one framework. We specifically consider a case study of an e-health service application, and consider how constraints like location and context dependencies impact on authentication and authorization. Furthermore, we consider how data sharing applications such as the e-health service application handle issues of unauthorized users and insecure propagation of information in resource constrained environments¹. Our framework addresses this issue of illegitimate information access and propagation by making use of the concept of program dependence graphs (PDGs). Program dependence graphs use path conditions as necessary conditions for secure information flow control. The advantage of this approach to securing information sharing is that, information is only propagated if the criteria for data sharing are verified. Our solution proposes or offers good performance, fast authentication taking into account bandwidth limitations. A security analysis shows the theoretical improvements our scheme offers. Results obtained confirm that the framework accommodates the CIA-triad (which is the confidentiality, integrity and availability model designed to guide policies of information security) of our work and can be used to motivate further research work in this field. DA - 2015 DB - OpenUCT DP - University of Cape Town LK - https://open.uct.ac.za PB - University of Cape Town PY - 2015 T1 - Access and information flow control to secure mobile web service compositions in resource constrained environments TI - Access and information flow control to secure mobile web service compositions in resource constrained environments UR - http://hdl.handle.net/11427/20003 ER - | en_ZA |
| dc.identifier.uri | http://hdl.handle.net/11427/20003 | |
| dc.identifier.vancouvercitation | Maziya LE. Access and information flow control to secure mobile web service compositions in resource constrained environments. [Thesis]. University of Cape Town ,Faculty of Science ,Department of Computer Science, 2015 [cited yyyy month dd]. Available from: http://hdl.handle.net/11427/20003 | en_ZA |
| dc.language.iso | eng | en_ZA |
| dc.publisher.department | Department of Computer Science | en_ZA |
| dc.publisher.faculty | Faculty of Science | en_ZA |
| dc.publisher.institution | University of Cape Town | |
| dc.subject.other | Computer Science | en_ZA |
| dc.title | Access and information flow control to secure mobile web service compositions in resource constrained environments | en_ZA |
| dc.type | Master Thesis | |
| dc.type.qualificationlevel | Masters | |
| dc.type.qualificationname | MSc | en_ZA |
| uct.type.filetype | Text | |
| uct.type.filetype | Image | |
| uct.type.publication | Research | en_ZA |
| uct.type.resource | Thesis | en_ZA |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- thesis_sci_2015_maziya_lwazi_enock (1).pdf
- Size:
- 1.17 MB
- Format:
- Adobe Portable Document Format
- Description: