selected publications

• academic article

  • Revised Selected Papers of the 8th International Workshop on Data Privacy Management and Autonomous Spontaneous Security - Volume 8247.  .  2013
  • Editorial.  Journal of Information Security and Applications.  18:1-1. 2013
  • KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems.  Journal of Network and Computer Applications.  39:152-166. 2013
  • Management of stateful firewall misconfiguration.  Computers & Security.  39:64-85. 2013
  • Role Mining to Assist Authorization Governance.  International Journal of Secure Software Engineering.  3:45-64. 2012
  • Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security.  .  2011
  • A delegation model for extended RBAC.  International Journal of Information Security.  9:209-236. 2010

• blog posting

  • Misconfiguration Management of Network Security Components.  arXiv (Cornell University). 2019

• book

  • Data Privacy Management and Autonomous Spontaneus Security 2012

• chapter

  • Adapted Quantization Index Modulation for Database Watermarking.  Lecture notes in computer science. 120-134. 2015
  • Data Quality Evaluation in Medical Database Watermarking.  Studies in health technology and informatics. 2015
  • Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems.  IFIP advances in information and communication technology. 218-233. 2015
  • Model-Driven Extraction and Analysis of Network Security Policies.  Lecture notes in computer science. 52-68. 2013
  • Privacy-Aware Organisation-Based Access Control Model (PrivOrBAC).  IGI Global eBooks. 1656-1679. 2013
  • Towards an Access-Control Metamodel for Web Content Management Systems.  Lecture notes in computer science. 148-155. 2013
  • Detecting Control Flow in Smarphones: Combining Static and Dynamic Analyses.  Lecture notes in computer science. 33-47. 2012
  • Privacy-Aware Organisation-Based Access Control Model (PrivOrBAC).  Advances in information security, privacy, and ethics book series. 335-360. 2012
  • Using Requirements Engineering in an Automatic Security Policy Derivation Process.  Lecture notes in computer science. 155-172. 2012
  • MIRAGE: A Management Tool for the Analysis and Deployment of Network Security Policies.  Lecture notes in computer science. 203-215. 2011
  • A Service Dependency Model for Cost-Sensitive Intrusion Response.  Lecture notes in computer science. 626-642. 2010
  • Contextual Privacy Management in Extended Role Based Access Control Model.  Lecture notes in computer science. 121-135. 2010
  • Medical Image Integrity Control Combining Digital Signature and Lossless Watermarking.  Lecture notes in computer science. 153-162. 2010
  • Privacy Administration in Distributed Service Infrastructure.  Security and Privacy in Communication Networks. 53-70. 2010
  • An Extended Role-Based Access Control Model for Delegating Obligations.  Lecture notes in computer science. 127-137. 2009
  • Revocation Schemes for Delegation Licences.  Lecture notes in computer science. 190-205. 2008

• conference paper

  • Fine-grained privacy control for the RFID middleware of EPCglobal networks.  . 60-67. 2013
  • Privacy-enhanced filtering and collection middleware in EPCglobal networks.  . 1-8. 2013
  • Technical program committee.  . 1-2. 2013
  • Proceedings of the 5th international conference on Foundations and Practice of Security.  Foundations and Practice of Security. 2012
  • Privacy Enforcement of Composed Services in Cellular Networks.  . 1-8. 2011
  • Formalization and Management of Group Obligations.  IEEE International Symposium on Policies for Distributed Systems and Networks. 158-165. 2009
  • Context Ontology for Secure Interoperability.  . 821-827. 2008