About

Log in?

DTU users get better search results including licensed content and discounts on order fees.

Anyone can log in and get personalized features such as favorites, tags and feeds.

Log in as DTU user Log in as non-DTU user No thanks

DTU Findit
Boolean: (bicycle AND helmet) OR (head AND protection) (always group AND in parenthesis)
Title: title:(climate change)
Author: author:("bohr niels" OR "bohr n") (avoid only full first name)
Phrase: "water pump control" (does not work with wildcards)
Wildcards: wom?n pharm*

More help on how to search

Flexible matching

About search syntax

Search syntax Advanced
Close advanced
{{problem}}
By field Using AND/OR By author
This tool can help you build boolean queries suitable for doing a broad search for different synonyms or spellings of each word. Start via the drop-down below or just start typing in the search field.
{{ row.typeTitle }}: ( )

Since our index often lack the full first name of people it can be difficult to correctly search by author.

Fill in the fields and let us help you build a good query:

If you need to find everything possible, consider only searching by last name.

Use "Starting year" to ignore publications out of year range.

More...

Conference paper

Analysing Access Control Specifications

In Proceedings of the Fourth International Ieee Workshop on Systematic Approaches To Digital Forensic Engineering — 2009, pp. 22-33

By Probst, Christian W.1,2; Hansen, René Rydhof2

From

Language-Based Technology, Department of Informatics and Mathematical Modeling, Technical University of Denmark1

Department of Informatics and Mathematical Modeling, Technical University of Denmark2

When prosecuting crimes, the main question to answer is often who had a motive and the possibility to commit the crime. When investigating cyber crimes, the question of possibility is often hard to answer, as in a networked system almost any location can be accessed from almost anywhere. The most common tool to answer this question, analysis of log files, faces the problem that the amount of logged data may be overwhelming.

This problems gets even worse in the case of insider attacks, where the attacker’s actions usually will be logged as permissible, standard actions—if they are logged at all. Recent events have revealed intimate knowledge of surveillance and control systems on the side of the attacker, making it often impossible to deduce the identity of an inside attacker from logged data.

In this work we present an approach that analyses the access control configuration to identify the set of credentials needed to reach a certain location in a system. This knowledge allows to identify a set of (inside) actors who have the possibility to commit an insider attack at that location. This has immediate applications in analysing log files, but also nontechnical applications such as identifying possible suspects, or, beyond cyber crimes, picking the “best” actor for a certain task.

We also sketch an online analysis that identifies where an actor can be located based on observed actions.

Language: English
Publisher: IEEE
Year: 2009
Pages: 22-33
Proceedings: 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering
ISBN: 0769537928 , 1509071725 , 9780769537924 and 9781509071722
Types: Conference paper
DOI: 10.1109/SADFE.2009.13
ORCIDs: Probst, Christian W.
Keywords

SDG 16 - Peace, Justice and Strong Institutions

Other keywords

Access control Companies Conferences Control system analysis Control systems Digital forensics Information systems Measurement standards Network servers Surveillance access control access control configuration access control specification analysis authorisation computer crime cyber crime analysis log file analysis nontechnical application online analysis prosecuting crime surveillance system

DTU users get better search results including licensed content and discounts on order fees.

Log in as DTU user

Access

Analysis