scholarly journals Algorithms for Workflow Satisfiability Problem with User-independent Constraints

2020 ◽  
Vol 1 (1) ◽  
pp. 25-38
Author(s):  
Gregory Gutin
Keyword(s):  
Information Security ◽  
Access Control ◽  
Real World ◽  
Computational Experiments ◽  
Satisfiability Problem ◽  
Iterative Approach ◽  
Constraint Satisfiability ◽  
Fruitful Research

The Workflow Satisfiability Problem (WSP) is a problem of interest in access control of information security. In its simplest form, the problem coincides with the Constraint Satisfiability Problem, where the number of variables is usually much smaller than the number of values. Wang and Li (ACM Trans. Inf. Syst. Secur. 2010) were the first to study the WSP as a problem parameterized by the number of variables. Their paper initiated very fruitful research surveyed by Cohen, Crampton, Gutin and Wahlström (2017). In this paper, we overview more recent WSP algorithmic developments and discuss computational experiments performed on two new testbeds of WSP instances. These WSP instances are closer to real-world ones than those by Karapetyan et al. (JAIR 2019). One of the two testbeds is generated using a novel iterative approach for obtaining computationally hard WSP instances.

scholarly journals A Matheuristic Iterative Approach for Profit-Oriented Line Planning Applied to the Chinese High-Speed Railway Network

2020 ◽  
Vol 2020 ◽  
pp. 1-18
Author(s):  
Di Liu ◽  
Javier Durán Micco ◽  
Gongyuan Lu ◽  
Qiyuan Peng ◽  
Jia Ning ◽  
...  
Keyword(s):  
Travel Time ◽  
Real World ◽  
High Speed ◽  
Computational Experiments ◽  
Planning Problem ◽  
Iterative Approach ◽  
Railway Network ◽  
Line Planning ◽  
High Speed Railway ◽  
Passenger Assignment

In this paper, a matheuristic iterative approach (MHIA) is proposed to solve the line planning problem, also called network design problem, and frequency setting on the Chinese high-speed railway network. Our optimization model integrates the cost-oriented and passenger-oriented objectives into a profit-oriented objective. Therefore, the passenger travel time is incorporated in the ticket price using a travel time value. As a result, transfers and detours will result in lower ticket prices and thus lower revenues for the operator. When evaluating the performance of a given line plan, the way in which passengers will travel through the network needs to be modelled. This passenger assignment is typically a time-consuming calculation. The proposed line planning approach iteratively improves the line plan using easy-to-determine indicators. During the process, a mixed integer linear programming model addresses the passenger assignment and optimizes the frequency setting in order to maximise the operational profit. Extensive computational experiments are executed to show the effectiveness of the proposed approach to deal with the real-world railway network line planning problem. Through extensive computational experiments on the small example network and real-world-based instances, the results show that the proposed model can improve the profits by 22.4% on average comparing to their initial solutions. When comparing to an alternative iterative approach, our proposed method has advantage of obtaining high quality of solutions by improving the profit 10.8% on average. For small, medium, and large size networks, the obtained results are close to the optimal solutions, when available.

Protecting a whale in a sea of phish

2020 ◽  
Vol 35 (3) ◽  
pp. 214-231
Author(s):  
Daniel Pienta ◽  
Jason Bennett Thatcher ◽  
Allen Johnston
Keyword(s):  
Information Security ◽  
Real World ◽  
Spillover Effects ◽  
Directed Attention ◽  
Future Directions ◽  
Security Research ◽  
Email Message ◽  
Multiple Domains ◽  
Future Information

Whaling is one of the most financially damaging, well-known, effective cyberattacks employed by sophisticated cybercriminals. Although whaling largely consists of sending a simplistic email message to a whale (i.e. a high-value target in an organization), it can result in large payoffs for cybercriminals, in terms of money or data stolen from organizations. While a legitimate cybersecurity threat, little information security research has directed attention toward whaling. In this study, we begin to provide an initial understanding of what makes whaling such a pernicious problem for organizations, executives, or celebrities (e.g. whales), and those charged with protecting them. We do this by defining whaling, delineating it from general phishing and spear phishing, presenting real-world cases of whaling, and provide guidance on future information security research on whaling. We find that whaling is far more complex than general phishing and spear phishing, spans multiple domains (e.g. work and personal), and potentially results in spillover effects that ripple across the organization. We conclude with a discussion of promising future directions for whaling and information security research.

Boosting branch-and-bound MaxSAT solvers with clause learning

2021 ◽  
pp. 1-21
Author(s):  
Chu-Min Li ◽  
Zhenxing Xu ◽  
Jordi Coll ◽  
Felip Manyà ◽  
Djamal Habet ◽  
...  
Keyword(s):  
Experimental Investigation ◽  
Combinatorial Optimization ◽  
Problem Solving ◽  
Branch And Bound ◽  
Real World ◽  
Optimization Problems ◽  
Satisfiability Problem ◽  
Maximum Satisfiability ◽  
Combinatorial Optimization Problems ◽  
Clause Learning

The Maximum Satisfiability Problem, or MaxSAT, offers a suitable problem solving formalism for combinatorial optimization problems. Nevertheless, MaxSAT solvers implementing the Branch-and-Bound (BnB) scheme have not succeeded in solving challenging real-world optimization problems. It is widely believed that BnB MaxSAT solvers are only superior on random and some specific crafted instances. At the same time, SAT-based MaxSAT solvers perform particularly well on real-world instances. To overcome this shortcoming of BnB MaxSAT solvers, this paper proposes a new BnB MaxSAT solver called MaxCDCL. The main feature of MaxCDCL is the combination of clause learning of soft conflicts and an efficient bounding procedure. Moreover, the paper reports on an experimental investigation showing that MaxCDCL is competitive when compared with the best performing solvers of the 2020 MaxSAT Evaluation. MaxCDCL performs very well on real-world instances, and solves a number of instances that other solvers cannot solve. Furthermore, MaxCDCL, when combined with the best performing MaxSAT solvers, solves the highest number of instances of a collection from all the MaxSAT evaluations held so far.

scholarly journals Evaluating the Performance of Novel JWT Revocation Strategy

2021 ◽  
Author(s):  
László Viktor Jánoky ◽  
Péter Ekler ◽  
János Levendovszky
Keyword(s):  
Access Control ◽  
Real World ◽  
Mathematical Framework ◽  
Web Based ◽  
Novel Approach ◽  
User Access ◽  
Digital Signing

JSON Web Tokens (JWT) provide a scalable, distributed way of user access control for modern web-based systems. The main advantage of the scheme is that the tokens are valid by themselves – through the use of digital signing – also imply its greatest weakness. Once issued, there is no trivial way to revoke a JWT token. In our work, we present a novel approach for this revocation problem, overcoming some of the problems of currently used solutions. To compare our solution to the established solutions, we also introduce the mathematical framework of comparison, which we ultimately test using real-world measurements.

Real-World Oriented Access Control Method with a Displayed Password

2004 ◽  
pp. 19-29 ◽  
Author(s):  
Yuji Ayatsuka ◽  
Michimune Kohno ◽  
Jun Rekimoto
Keyword(s):  
Access Control ◽  
Real World ◽  
Control Method

Modeling Access Control in Healthcare Organizations

2011 ◽  
pp. 23-44
Author(s):  
Efstratia Mourtou
Keyword(s):  
Information Security ◽  
Access Control ◽  
Security Policy ◽  
Healthcare Professionals ◽  
Vital Role ◽  
Sensitive Information ◽  
Healthcare Organizations ◽  
Security Issues ◽  
Efficiency And Effectiveness ◽  
The Status

Since Hospital Information Systems (HIS) are designed to support doctors and healthcare professionals in their daily activities, information security plays a vital role in managing access control. Efficiency and effectiveness of information security policy is crucial, especially when dealing with situations that affect the status and life-history of the patient. In addition, the rules and procedures to follow, in order to provide confidentiality of sensitive information, have to focus on management of events on any table of the HIS. On the other hand, control and statement constraints, as well as events and security auditing techniques, play also an important role, due to the heterogeneity of healthcare professionals’ roles, actions and physical locations, as well as to the specific characteristics and needs of the healthcare organizations. This chapter will first explore issues in managing access control and security of healthcare information by reviewing the possible threats and vulnerabilities as well as the basic attributes of the hospital’s security plan. The authors will then present a hierarchical access model that, from a security policy perspective, refers to data ownership and access control issues. The authors conclude the chapter with discussions of upcoming security issues.

Access control in and for the real world

2014 ◽  
Author(s):  
Sara (Sara A. B.) Sinclair
Keyword(s):  
Access Control ◽  
Real World ◽  
The Real
Sign in / Sign up

Export Citation Format

Share Document