Sharif Digital Repository

Virtual organization (VO) is aimed to provide inter-organizational collaborations. Constructing a VO necessitates provision of security and access control requirements which cannot be satisfied using the traditional access control models. This is basically due to special features of VOs; such as temporality, unknown users, and diverse resources. In this paper, after expressing our assumption on a framework for VOs; the concept of organizational trust and reputation is used to establish an access control model for VOs. Each member of an organization inherits its organizational reputation. Resource providers announce the behavior of their interacting users to their organization manager.... 

Context-awareness is an essential requirement of modern access control models. Organization-Based Access Control (OrBAC) model is a powerful context-aware access control model defined by first-order logic. However, due to the monotonicity nature of the first-order logic, OrBAC suffers from the incapability of making decision based on incomplete context information as well as the definition of default and exception policy rules. This paper proposes augmenting non-monotonicity features to OrBAC using MKNF+ logic, which is a combination of Description Logic (DL) and Answer Set Programming (ASP). Along with the use of DL to define ontology for main entities and context information in OrBAC;... 

An access control model for Semantic Web should take the semantic relationships among the entities, defined in the abstract conceptual level (i.e., ontology level), into account. Authorization and policy specification based on a logical model let us infer implicit security policies from the explicit ones based on the defined semantic relationships in the domains of subjects, objects, and actions. In this paper, we propose a logic based access control model for specification and inference of history-constrained access policies in conceptual level of Semantic Web. The proposed model (named TDLBAC-2) enables authorities to state policy rules based on the history of users' accesses using a... 

The monoanionic bidentate Schiff base, N-(phenolyl)-benzaldimine (HL), has been employed to synthesize a new vanadium(IV) complex of general composition [VO(L)2] (where L = O, N donor of Schiff base). The ligand and complex have been fully characterized by elemental analyses, molar conductance data, FT-IR, 1H- and 13C-NMR, and UV-Vis spectroscopies. Oxidation of alcohols to their corresponding aldehydes and ketones was conducted by this complex catalyst using Oxone as oxidant under biphasic reaction conditions (CH2Cl2/H2O) and tetra-n-butylammonium bromide as phase transfer agent under air at room temperature  

Hybrid Mobile Applications are a new generation of mobile applications that have recently introduced new security challenges. In these applications, untrusted web content, such as an advertisement inside an embedded browser, has the same privileges as the entire application and can directly access the device resources. Unfortunately, existing access control mechanisms are very coarse-grained and do not provide adequate facilities for fine-grained access rule definition and enforcement in hybrid mobile applications. In this paper, we propose a fine-grained access control mechanism for privilege separation in hybrid mobile applications. Our proposed access control mechanism, called... 

Nowadays, a large volume of an organization's sensitive data is stored in databases making them attractive to attackers. The useful information attackers try to obtain in the preliminary steps, is the database structure or schema. One of the popular approaches to infer and extract the schema of a database is to analyze the returned error messages from its DBMS. In this paper, we propose a framework to handle and modify the error messages automatically in order to prevent schema revealing. To this aim, after identifying and introducing an appropriate set of categories of error messages, each error message that is returned from a DBMS is placed in a proper category. According to the policy... 

Graphene oxide was an effective supporting material for immobilizing a dioxomolybdenum Schiff base complex via covalent interaction. The large surface of graphene oxide plays important roles to obtain a good degree of catalytic reaction. Catalytic capacity of the graphene-bound dioxomolybdenum Schiff base complex was investigated for the oxidation of various sulfides to sulfoxide compounds using hydrogen peroxide urea as an oxidant. The catalyst was characterized by various techniques including XRD, FTIR, TGA, SEM, UV–vis, and ICP-AES. The immobilized complex was very efficient with the extra benefits of easy recovery and recycling of the heterogeneous catalyst. The graphene oxide bound... 

One of the organizations’ main concerns is to protect sensitive data in database systems, especially the ones outsourced to untrusted service providers. An effective solution for this issue is to employ database encryption methods. Among different encryption approaches, Bucket-based method has the advantage of balancing security and performance of database operations. However, generating false-positive results in executing queries is the main drawback of this method. On the other hand, multi-join queries are one of the most critical operations executed on these stored sensitive data. Hence, acceptable processing and response time in executing multi-join queries is required. In this paper, we... 

An hydrazone Schiff base-iron(III) complex using salicylidene benzoyl hydrazine (L) as ligand has been synthesized and characterized by elemental analyses, IR, 1H and 13C NMR and UV-Vis spectroscopy. Oxidation of sulfides to sulfoxides in one-step was conducted by this complex catalyst using urea hydrogen peroxide (UHP) in mixture of CH2Cl2/CH3OH (1:1) under air at room temperature. The effect of the reaction conditions on the oxidation of methylphenylsulfide was studied by varying the amount of the catalyst, reaction temperature, reaction time and the amount of UHP. The results showed that using this system in the oxidation of sulfides, sulfoxides were obtained as the main products,... 

An access control model for Semantic Web should be compatible with the corresponding semantic model. The access control procedure(s) should also take the semantic relationships between the entities (specified as ontologies) into account. Considering the benefits of logic-based models and the description logic foundation of Semantic Web, in this paper, we propose an access control model based on a temporal variant of description logics (TL-ALCF). This logical schema enables us to express history constrained policies to enrich the policy-base with dynamic properties based on previous accesses. The specification of each component of the model as well as the approach to define history... 

Widespread growth in Android malware stimulates security researchers to propose different methods for analyzing and detecting malicious behaviors in applications. Nevertheless, current solutions are ill-suited to extract the fine-grained behavior of Android applications accurately and efficiently. In this paper, we propose ServiceMonitor, a lightweight host-based detection system that dynamically detects malicious applications directly on mobile devices. ServiceMonitor reconstructs the fine-grained behavior of applications based on their interaction with system services (i.e. SMS manager, camera, wifi networking, etc). ServiceMonitor monitors the way applications request system services in... 

Sophisticated and targeted malwares, which today are known as Advanced Persistent Threats (APTs), use multi-step, distributed, hybrid and low-level patterns to leak and exfiltrate information, manipulate data, or prevent progression of a program or mission. Since current intrusion detection systems (IDSs) and alert correlation systems do not correlate low-level operating system events with network events and use alert correlation instead of event correlation, the intruders use low and hybrid events in order to distribute the attack vector, hide malwares behaviors, and therefore make detection difficult for such detection systems. In this paper, a new approach for detecting hybrid and... 

Today, many applications produce and use time series data. The data of this type may contain sensitive information. So they should be protected against unauthorized accesses. In this paper, security issues of time series data are identified and an access and inference control model for satisfying the identified security requirements is proposed. Using this model, administrators can define authorization rules based on various time-based granularities (e.g. day or month) and apply value-based constraints over the accessed times series data. Furthermore, they can define policy rules over the composition of multiple time-series other than the base time-series data. Detecting and resolving... 

In present work, first, the water-stable metal–organic framework (MOF) nanocrystals, UiO-66-(F)4, were synthesized under green reaction condition and then some PES/PA thin-film nanocomposite (TFN) membranes were prepared using this synthesized nanocrystals (as modifier) and polyethersulfone (as the substrate). The obtained MOF and membranes were characterized by various characterization techniques such as FE-SEM, AFM, PXRD, contact angle measurements and FT-IR spectroscopy. Finally, the forward osmosis performance of the resultant membranes was evaluated by using different concentrations of NaCl as a draw solution and deionized water as a feed solution. Among all used membranes, the membrane... 

In this study, first, the UiO-66-NH2 metal-organic frameworks (MOFs) were modified with graphene quantum dots (GQDs) to facilitate the water attraction on MOF surface as well as improve their compatibility/affinity with the polyamide layer matrix of forward osmosis (FO) membranes. Next, to fabricate a new type of thin-film nanocomposite (TFN) membranes, the synthesized GQDs@UiO-66-NH2 composites are incorporated into the polyamide (PA) selective layer of FO membranes during the interfacial polymerization reaction of m-phenylenediamine (MPD) and trimesoyl chloride (TMC). The influence of the prepared fillers on the chemical structure, morphology, surface roughness and hydrophilicity of the PA... 

Traditionally, to handle security for stand-alone computers and small networks, user authentication and access control mechanisms would be almost enough. However, considering distributed networks such as the Internet and pervasive environments, these kinds of approaches are confronted with flexibility challenges and scalability problems. This is mainly because open environments lack a central control, and users in them are not predetermined. In such ubiquitous computing environments, issues concerning security and trust become crucial. Adding trust to the existing security infrastructures would enhance the security of these environments. Although many trust models are proposed to deal with... 

By the immense growth of the Web-Based Social Networks (WBSNs), the role of trust in connecting people together through WBSNs is getting more important than ever. In other words, since the probability of malicious behavior in WBSNs is increasing, it is necessary to evaluate the reliability of a person before trying to communicate with. Hence, it is desirable to find out how much a person should trust another one in a network. The approach to answer this question is usually called trust inference. In this paper, we propose a new trust inference algorithm (Called RN-Trust) based on the resistive networks concept. The algorithm, in addition to being simple, resolves some problems of previously... 

Traditionally, to handle security for stand-alone computers and small networks, user authentication and access control mechanisms would be almost enough. However, considering distributed networks such as the Internet and pervasive environments, these kinds of approaches confront with flexibility challenges and scalability problems. This is mainly because of that open environments lack a central control, and users in them are not predetermined, in such ubiquitous computing environments, issues concerning security and trust become crucial. Adding trust to the existing security infrastructures would enhance the security of these environments. Although many trust models have been proposed to... 

Mandatory access control has traditionally been employed as a robust security mechanism in critical environments like military ones. As computing technology becomes more pervasive and mobile services are deployed, applications will need flexible access control mechanisms. Aggregating mandatory models with context-awareness would provide us with essential means to define dynamic policies needed in critical environments. In this paper, we introduce a dynamic context-aware mandatory access control model which enables us to specify dynamic confidentiality and integrity policies using contextual constraints. © 2008 Springer-Verlag  

With the advent of semantic technology, access control cannot be done in a safe way unless the access decision takes into account the semantic relationships between entities in a semantic-aware environment. SBAC model considers this issue in the decision making process. However, time plays a crucial role in new computing environments which is not supported in this model. In this paper we introduce temporal semantic based access control model (TSBAC), as an extension of SBAC model, which enhances the specification of user-defined authorization rules by constraining time interval and temporal expression over users' history of accesses. A formal semantics for temporal authorizations is provided...