publications: - title: "How to approach humans?: strategies for social robots to initiate interaction" author: - name: "Satoru Satake" link: "https://researchr.org/alias/satoru-satake" - name: "Takayuki Kanda" link: "https://researchr.org/alias/takayuki-kanda" - name: "Dylan F. Glas" link: "https://researchr.org/alias/dylan-f.-glas" - name: "Michita Imai" link: "https://researchr.org/alias/michita-imai" - name: "Hiroshi Ishiguro" link: "https://researchr.org/alias/hiroshi-ishiguro" - name: "Norihiro Hagita" link: "https://researchr.org/alias/norihiro-hagita" year: "2009" doi: "http://doi.acm.org/10.1145/1514095.1514117" links: doi: "http://doi.acm.org/10.1145/1514095.1514117" tags: - "human-computer interaction" - "social" - "systematic-approach" researchr: "https://researchr.org/publication/SatakeKGIIH09" cites: 0 citedby: 0 pages: "109-116" booktitle: "Proceedings of the 4th ACM/IEEE International Conference on Human Robot Interaction, HRI 2009, La Jolla, California, USA, March 9-13, 2009" editor: - name: "Matthias Scheutz" link: "https://researchr.org/alias/matthias-scheutz" - name: "François Michaud" link: "https://researchr.org/alias/fran%C3%A7ois-michaud" - name: "Pamela J. Hinds" link: "https://researchr.org/alias/pamela-j.-hinds" - name: "Brian Scassellati" link: "https://researchr.org/alias/brian-scassellati" publisher: "ACM" isbn: "978-1-60558-404-1" kind: "inproceedings" key: "SatakeKGIIH09" - title: "A Model-Based Framework for Security Policy Specification, Deployment and Testing" author: - name: "Tejeddine Mouelhi" link: "https://researchr.org/alias/tejeddine-mouelhi" - name: "Franck Fleurey" link: "https://researchr.org/alias/franck-fleurey" - name: "Benoit Baudry" link: "https://researchr.org/alias/benoit-baudry" - name: "Yves Le Traon" link: "https://researchr.org/alias/yves-le-traon" year: "2008" doi: "http://dx.doi.org/10.1007/978-3-540-87875-9_38" abstract: "In this paper, we propose a model-driven approach for specifying, deploying and testing security policies in Java applications. First, a security policy is specified independently of the underlying access control language (OrBAC, RBAC). It is based on a generic security meta-model which can be used for early consistency checks in the security policy. This model is then automatically transformed into security policy for the XACML platform and integrated in the application using aspect-oriented programming. To qualify test cases that validate the security policy in the application, we inject faults into the policy. The fault model and the fault injection process are defined at the meta-model level, making the qualification process language-independent. Empirical results on 3 case studies explore both the feasibility of the approach and the efficiency of a full design & test MDE process. " links: doi: "http://dx.doi.org/10.1007/978-3-540-87875-9_38" tags: - "empirical" - "programming languages" - "object-oriented programming" - "rule-based" - "Java" - "deployment" - "meta programming" - "application framework" - "generic programming" - "case study" - "model checking" - "meta-model" - "modeling language" - "modeling" - "language modeling" - "testing" - "language design" - "security policy specification" - "object-role modeling" - "security" - "aspect oriented programming" - "consistency" - "programming" - "subject-oriented programming" - "access control policies" - "Meta-Environment" - "access control" - "MDE" - "design" - "process modeling" - "role-based access control" - "systematic-approach" - "feature-oriented programming" - "meta-objects" researchr: "https://researchr.org/publication/MouelhiFBT08" cites: 0 citedby: 0 pages: "537-552" booktitle: "Model Driven Engineering Languages and Systems, 11th International Conference, MoDELS 2008, Toulouse, France, September 28 - October 3, 2008. Proceedings" editor: - name: "Krzysztof Czarnecki" link: "http://www.swen.uwaterloo.ca/~kczarnec/" - name: "Ileana Ober" link: "https://researchr.org/alias/ileana-ober" - name: "Jean-Michel Bruel" link: "https://researchr.org/alias/jean-michel-bruel" - name: "Axel Uhl" link: "https://researchr.org/alias/axel-uhl" - name: "Markus Völter" link: "http://www.voelter.de/" volume: "5301" series: "Lecture Notes in Computer Science" publisher: "Springer" isbn: "978-3-540-87874-2" kind: "inproceedings" key: "MouelhiFBT08" - title: "Weaving rewrite-based access control policies" author: - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" - name: "Eric Ke Wang" link: "https://researchr.org/alias/eric-ke-wang" - name: "Claude Kirchner" link: "https://researchr.org/alias/claude-kirchner" - name: "Hélène Kirchner" link: "https://researchr.org/alias/h%C3%A9l%C3%A8ne-kirchner" year: "2007" doi: "http://doi.acm.org/10.1145/1314436.1314446" links: doi: "http://doi.acm.org/10.1145/1314436.1314446" tags: - "rule-based" - "weaving" - "graph-rewriting" - "access control policies" - "access control" - "rewriting" - "role-based access control" researchr: "https://researchr.org/publication/OliveiraWKK07" cites: 0 citedby: 0 pages: "71-80" booktitle: "Proceedings of the 2007 ACM workshop on Formal methods in security engineering, FMSE 2007, Fairfax, VA, USA, November 2, 2007" editor: - name: "Peng Ning" link: "https://researchr.org/alias/peng-ning" - name: "Vijay Atluri" link: "https://researchr.org/alias/vijay-atluri" - name: "Virgil D. Gligor" link: "https://researchr.org/alias/virgil-d.-gligor" - name: "Heiko Mantel" link: "https://researchr.org/alias/heiko-mantel" publisher: "ACM" isbn: "978-1-59593-887-9" kind: "inproceedings" key: "OliveiraWKK07" - title: "Security policies for downgrading" author: - name: "Stephen Chong" link: "http://people.seas.harvard.edu/~chong/" - name: "Andrew C. Myers" link: "https://researchr.org/alias/andrew-c.-myers" year: "2004" doi: "http://doi.acm.org/10.1145/1030083.1030110" abstract: "A long-standing problem in information security is how to specify and enforce expressive security policies that control information flow while also permitting information release (i.e., declassification) where appropriate. This paper presents security policies for downgrading and a security type system that incorporates them, allowing secure downgrading of information through an explicit declassification operation. Examples are given showing that the downgrading policy language captures useful aspects of designer intent. These policies are connected to a semantic security condition that generalizes noninterference, and the type system is shown to enforce this security condition. " links: doi: "http://doi.acm.org/10.1145/1030083.1030110" tags: - "control systems" - "data-flow language" - "type system" - "data-flow" - "C++" - "security" - "security policies" researchr: "https://researchr.org/publication/ChongM04" cites: 0 citedby: 0 pages: "198-209" booktitle: "Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, Washingtion, DC, USA, October 25-29, 2004" editor: - name: "Vijayalakshmi Atluri" link: "https://researchr.org/alias/vijayalakshmi-atluri" - name: "Birgit Pfitzmann" link: "https://researchr.org/alias/birgit-pfitzmann" - name: "Patrick Drew McDaniel" link: "https://researchr.org/alias/patrick-drew-mcdaniel" publisher: "ACM" isbn: "1-58113-961-6" kind: "inproceedings" key: "ChongM04" - title: "Data-Purpose Algebra: Modeling Data Usage Policies" author: - name: "Chris Hanson" link: "https://researchr.org/alias/chris-hanson" - name: "Tim Berners-Lee" link: "http://www.w3.org/People/Berners-Lee/" - name: "Lalana Kagal" link: "https://researchr.org/alias/lalana-kagal" - name: "Gerald Jay Sussman" link: "http://groups.csail.mit.edu/mac/users/gjs/" - name: "Daniel J. Weitzner" link: "https://researchr.org/alias/daniel-j.-weitzner" year: "2007" doi: "http://doi.ieeecomputersociety.org/10.1109/POLICY.2007.14" abstract: "Data is often encumbered by restrictions on the ways in which it may be used. These restrictions on usage may be determined by statute, by contract, by custom, or by common decency, and they are used to control collection of data, diffusion of data, and the inferences that can be made over the data. In this paper, we present a data-purpose algebra that can be used to model these kinds of restrictions in various different domains. We demonstrate the utility of our approach by modeling part of the Privacy Act (5 USC ?552a)1, which states that data collected about US citizens can be used only for the purposes for which it was collected. We show (i) how this part of the Privacy act can be represented as a set of restrictions on data usage, (ii) how the authorized purposes of data flowing through different government agencies can be calculated, and (iii) how these purposes can be used to determine whether the Privacy Act is being enforced appropriately." links: doi: "http://doi.ieeecomputersociety.org/10.1109/POLICY.2007.14" tags: - "contracts" - "meta-model" - "modeling" - "data-flow" - " algebra" - "Meta-Environment" - "systematic-approach" researchr: "https://researchr.org/publication/HansonBKSW07" cites: 0 citedby: 0 pages: "173-177" booktitle: "8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2007), 13-15 June 2007, Bologna, Italy" publisher: "IEEE Computer Society" kind: "inproceedings" key: "HansonBKSW07" - title: "Analysis of Rewrite-Based Access Control Policies" author: - name: "Claude Kirchner" link: "http://www.loria.fr/~ckirchne/" - name: "Hélène Kirchner" link: "http://www.loria.fr/~hkirchne/" - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" year: "2009" doi: "http://dx.doi.org/10.1016/j.entcs.2009.02.072" links: doi: "http://dx.doi.org/10.1016/j.entcs.2009.02.072" tags: - "rule-based" - "analysis" - "graph-rewriting" - "access control policies" - "access control" - "rewriting" - "role-based access control" researchr: "https://researchr.org/publication/KirchnerKO09" cites: 0 citedby: 0 journal: "Electronic Notes in Theoretical Computer Science" volume: "234" pages: "55-75" kind: "article" key: "KirchnerKO09" - title: "Modular Access Control Via Strategic Rewriting" author: - name: "Daniel J. Dougherty" link: "https://researchr.org/alias/daniel-j.-dougherty" - name: "Claude Kirchner" link: "https://researchr.org/alias/claude-kirchner" - name: "Hélène Kirchner" link: "https://researchr.org/alias/h%C3%A9l%C3%A8ne-kirchner" - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" year: "2007" doi: "http://dx.doi.org/10.1007/978-3-540-74835-9_38" links: doi: "http://dx.doi.org/10.1007/978-3-540-74835-9_38" tags: - "graph-rewriting" - "access control" - "rewriting" researchr: "https://researchr.org/publication/DoughertyKKO07" cites: 0 citedby: 0 pages: "578-593" booktitle: "Computer Security - ESORICS 2007, 12th European Symposium On Research In Computer Security, Dresden, Germany, September 24-26, 2007, Proceedings" editor: - name: "Joachim Biskup" link: "https://researchr.org/alias/joachim-biskup" - name: "Javier Lopez" link: "https://researchr.org/alias/javier-lopez" volume: "4734" series: "Lecture Notes in Computer Science" publisher: "Springer" isbn: "978-3-540-74834-2" kind: "inproceedings" key: "DoughertyKKO07" - title: "Rewriting-Based Access Control Policies" author: - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" year: "2007" doi: "http://dx.doi.org/10.1016/j.entcs.2007.02.055" links: doi: "http://dx.doi.org/10.1016/j.entcs.2007.02.055" tags: - "rule-based" - "graph-rewriting" - "access control policies" - "access control" - "rewriting" - "role-based access control" researchr: "https://researchr.org/publication/Oliveira07%3A0" cites: 0 citedby: 0 journal: "Electronic Notes in Theoretical Computer Science" volume: "171" number: "4" pages: "59-72" kind: "article" key: "Oliveira07:0" - title: "Access Control Mechanisms in a Distributed, Persistent Memory System" author: - name: "Lanfranco Lopriore" link: "https://researchr.org/alias/lanfranco-lopriore" year: "2002" doi: "http://computer.org/tpds/td2002/l1066abs.htm" links: doi: "http://computer.org/tpds/td2002/l1066abs.htm" tags: - "control systems" - "persistent" - "access control" researchr: "https://researchr.org/publication/Lopriore02" cites: 0 citedby: 0 journal: "IEEE Trans. Parallel Distrib. Syst." volume: "13" number: "10" pages: "1066-1083" kind: "article" key: "Lopriore02" - title: "Simulating Algebraic Specification Genericity on Languages with Initial Semantics" author: - name: "Anamaria Martins Moreira" link: "https://researchr.org/alias/anamaria-martins-moreira" - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" year: "2004" doi: "http://dx.doi.org/10.1016/j.entcs.2004.04.009" links: doi: "http://dx.doi.org/10.1016/j.entcs.2004.04.009" tags: - "semantics" - "algebraic specification" - " algebra" - "access control" researchr: "https://researchr.org/publication/MoreiraO04" cites: 0 citedby: 0 journal: "Electronic Notes in Theoretical Computer Science" volume: "95" pages: "131-148" kind: "article" key: "MoreiraO04" - title: "Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns" author: - name: "Danny M. Groenewegen" link: "https://www.linkedin.com/in/dannygroenewegen/" - name: "Eelco Visser" link: "http://eelcovisser.org" year: "2008" doi: "http://dx.doi.org/10.1109/ICWE.2008.15" abstract: "In this paper, we present the extension of WebDSL, a domain-specific language for web application development, with abstractions for declarative definition of access control. The extension supports the definition of a wide range of access control policies concisely and transparently as a separate concern. In addition to regulating the access to pages and actions, access control rules are used to infer navigation options not accessible to the current user, preventing the presentation of inaccessible links. The extension is an illustration of a general approach to the design of domain-specific languages for different technical domains to support separation of concerns in application development, while preserving linguistic integration. This approach is realized by means of a transformational semantics that weaves separately defined aspects into an integrated implementation. " links: doi: "http://dx.doi.org/10.1109/ICWE.2008.15" "webdsl": "http://webdsl.org" tags: - "WebDSL" - "semantics" - "rule-based" - "separation of concerns" - "transformation language" - " action semantics" - "language design" - "weaving" - "rules" - "web applications" - "DSL" - "abstraction" - "access control policies" - "access control" - "aspect weaving" - "design" - "role-based access control" - "systematic-approach" - "transformation" - "domain-specific language" researchr: "https://researchr.org/publication/GroenewegenV08" cites: 26 citedby: 7 pages: "175-188" booktitle: "Proceedings of the Eighth International Conference on Web Engineering, ICWE 2008, 14-18 July 2008, Yorktown Heights, New York, USA" editor: - name: "Daniel Schwabe" link: "https://researchr.org/alias/daniel-schwabe" - name: "Francisco Curbera" link: "https://researchr.org/alias/francisco-curbera" - name: "Paul Dantzig" link: "https://researchr.org/alias/paul-dantzig" publisher: "IEEE" isbn: "978-0-7695-3261-5" kind: "inproceedings" key: "GroenewegenV08" - title: "U-MAC: a proactive and adaptive UWB medium access control protocol" author: - name: "Raja Jurdak" link: "https://researchr.org/alias/raja-jurdak" - name: "Pierre Baldi" link: "https://researchr.org/alias/pierre-baldi" - name: "Cristina Videira Lopes" link: "http://www.ics.uci.edu/~lopes/" year: "2005" doi: "http://dx.doi.org/10.1002/wcm.312" links: doi: "http://dx.doi.org/10.1002/wcm.312" tags: - "protocol" - "access control" researchr: "https://researchr.org/publication/JurdakBL05%3A0" cites: 0 citedby: 0 journal: "Wireless Communications and Mobile Computing" volume: "5" number: "5" pages: "551-566" kind: "article" key: "JurdakBL05:0" - title: "Secure web application via automatic partitioning" author: - name: "Stephen Chong" link: "http://people.seas.harvard.edu/~chong/" - name: "Jed Liu" link: "https://researchr.org/alias/jed-liu" - name: "Andrew C. Myers" link: "https://researchr.org/alias/andrew-c.-myers" - name: "Xin Qi" link: "https://researchr.org/alias/xin-qi" - name: "K. Vikram" link: "https://researchr.org/alias/k.-vikram" - name: "Lantian Zheng" link: "https://researchr.org/alias/lantian-zheng" - name: "Xin Zheng" link: "https://researchr.org/alias/xin-zheng" year: "2007" doi: "http://doi.acm.org/10.1145/1294261.1294265" abstract: "Swift is a new, principled approach to building web applications that are secure by construction. In modern web applications, some application functionality is usually implemented as client-side code written in JavaScript. Moving code and data to the client can create security vulnerabilities, but currently there are no good methods for deciding when it is secure to do so. Swift automatically partitions application code while providing assurance that the resulting placement is secure and efficient. Application code is written as Java-like code annotated with information flow policies that specify the confidentiality and integrity of web application information. The compiler uses these policies to automatically partition the program into JavaScript code running in the browser, and Java code running on the server. To improve interactive performance, code and data are placed on the client side. However, security-critical code and data are always placed on the server. Code and data can also be replicated across the client and server, to obtain both security and performance. A max-flow algorithm is used to place code and data in a way that minimizes client-server communication. " links: doi: "http://doi.acm.org/10.1145/1294261.1294265" tags: - "program partitioning" - "JavaScript" - "Java" - "functional programming" - "data-flow programming" - "data-flow" - "C++" - "security" - "compiler" - "web applications" - "partitioning" - "systematic-approach" researchr: "https://researchr.org/publication/ChongLMQVZZ07" cites: 33 citedby: 0 pages: "31-44" booktitle: "Proceedings of the 21st ACM Symposium on Operating Systems Principles 2007, SOSP 2007, Stevenson, Washington, USA, October 14-17, 2007" editor: - name: "Thomas C. Bressoud" link: "https://researchr.org/alias/thomas-c.-bressoud" - name: "M. Frans Kaashoek" link: "https://researchr.org/alias/m.-frans-kaashoek" publisher: "ACM" isbn: "978-1-59593-591-5" kind: "inproceedings" key: "ChongLMQVZZ07" - title: "Rewrite Based Specification of Access Control Policies" author: - name: "Horatiu Cirstea" link: "https://researchr.org/alias/horatiu-cirstea" - name: "Pierre-Etienne Moreau" link: "http://www.loria.fr/~moreau/dokuwiki/doku.php" - name: "Anderson Santana de Oliveira" link: "http://andersonsantana.wordpress.com" year: "2009" doi: "http://dx.doi.org/10.1016/j.entcs.2009.02.071" links: doi: "http://dx.doi.org/10.1016/j.entcs.2009.02.071" tags: - "rule-based" - "graph-rewriting" - "access control policies" - "access control" - "rewriting" - "role-based access control" researchr: "https://researchr.org/publication/CirsteaMO09" cites: 0 citedby: 0 journal: "Electronic Notes in Theoretical Computer Science" volume: "234" pages: "37-54" kind: "article" key: "CirsteaMO09" - title: "A survey, classification and comparative analysis of medium access control protocols for ad hoc networks" author: - name: "Raja Jurdak" link: "https://researchr.org/alias/raja-jurdak" - name: "Cristina Videira Lopes" link: "http://www.ics.uci.edu/~lopes/" - name: "Pierre Baldi" link: "https://researchr.org/alias/pierre-baldi" year: "2004" doi: "http://dl.comsoc.org/cocoon/comsoc/servlets/OntologySearch?query=&node=TOC1496&render=false&type=1" links: doi: "http://dl.comsoc.org/cocoon/comsoc/servlets/OntologySearch?query=&node=TOC1496&render=false&type=1" tags: - "classification" - "protocol" - "analysis" - "survey" - "access control" researchr: "https://researchr.org/publication/JurdakLB04%3A0" cites: 0 citedby: 0 journal: "IEEE Communications Surveys and Tutorials" volume: "6" number: "1-4" pages: "2-16" kind: "article" key: "JurdakLB04:0"