1. From model to mechanism : enforcing delegated authority in ssi with language-based securityMuhamed Turkanović, Vid Keršič, Alen Horvat, Dominik Beron, Špela Čučko, 2025, izvirni znanstveni članek Opis: Delegation of authority remains a critical yet insufficiently addressed capability in SelfSovereign Identity (SSI) systems. Building on an existing delegation model that introduced the concept of a Verifiable Mandate (VM) for expressing authority and access rights, this paper extends the approach with a rigorous formalization of delegation semantics, enabling unambiguous reasoning over roles, grants, and constraints. The formal model is aligned with standards from the World Wide Web Consortium (W3C), and its constructs are embedded into an extended credential schema that preserves compatibility with the Verifiable Credentials (VC) data model while introducing delegation-specific attributes. A generalized VM schema is defined, supporting both generic and business-specific instantiations, and ensuring structural and semantic interoperability. Policy compliance is operationalized through a policy-based enforcement architecture, where rules are authored in the Rego language and evaluated at runtime by the Open Policy Agent (OPA). The architecture incorporates trusted registries for schema and policy distribution, allowing verifiers to define and enforce context-specific delegation rules in a modular and interoperable manner. Validation through realistic scenarios, such as postal service and academic use cases, demonstrates how formal semantics, schema validation, and language-based policy enforcement can be combined to enable secure, verifiable, and context-aware delegation in SSI ecosystems.
Ključne besede: self-sovereign identity, delegation, verifiable mandate, formalization, policy-based enforcement, verifiable credentials, blockchain, language-based security
Objavljeno v DKUM: 02.10.2025; Ogledov: 0; Prenosov: 3
 Celotno besedilo (1,46 MB) |
2. PALANTIR : An NFV-Based Security-as-a-Service Approach for Automating Threat MitigationMaxime Compastié, Antonio López Martínez, Carolina Fernandez, Manuel Gil Pérez, Stylianos Tsarsitalidis, George Xylouris, Izidor Mlakar, Michail Alexandros Kourtis, Valentino Šafran, 2023, izvirni znanstveni članek Opis: Small and medium enterprises are significantly hampered by cyber-threats as they have inherently limited skills and financial capacities to anticipate, prevent, and handle security incidents. The EU-funded PALANTIR project aims at facilitating the outsourcing of the security supervision to external providers to relieve SMEs/MEs from this burden. However, good practices for the operation of SME/ME assets involve avoiding their exposure to external parties, which requires a tightly defined and timely enforced security policy when resources span across the cloud continuum and need interactions. This paper proposes an innovative architecture extending Network Function Virtualisation to externalise and automate threat mitigation and remediation in cloud, edge, and on-premises environments. Our contributions include an ontology for the decision-making process, a Fault-and-Breach-Management-based remediation policy model, a framework conducting remediation actions, and a set of deployment models adapted to the constraints of cloud, edge, and on-premises environment(s). Finally, we also detail an implementation prototype of the framework serving as evaluation material.
Ključne besede: Security-as-a-Service, security orchestration, policy-driven management, virtual network functions, finite state machines, constraints programming
Objavljeno v DKUM: 06.02.2024; Ogledov: 334; Prenosov: 18
Celotno besedilo (963,42 KB)
Gradivo ima več datotek! Več... |
3. E-everything: e-commerce, e-government, e-household, e-democracy : conference proceedings2001 Ključne besede: electronic commerce, CD-ROM, computer diskette, compact disc, government, administration, budgets, democration, computer application, users, electronic money, electronic payments, security, data analysis, information system, information science, business, commerce, models, advertising, Internet, computer networks, electronic mail, services, media, public services, regional policy, cases, retail trade
Objavljeno v DKUM: 01.06.2012; Ogledov: 1989; Prenosov: 36
 Povezava na celotno besedilo |
4. E-everything: e-commerce, e-government, e-household, e-democracy : proceedings2001, zbornik Ključne besede: electronic commerce, government, administration, budgets, democration, computer application, users, electronic money, electronic payments, security, data analysis, information system, information science, business, commerce, models, advertising, Internet, computer networks, electronic mail, services, media, public services, regional policy, cases, retail trade
Objavljeno v DKUM: 01.06.2012; Ogledov: 2350; Prenosov: 60
Povezava na celotno besedilo |
