From model-driven specification to design-level set-based analysis of XACML policies

Authors: Azzam Mourad, Hanine Tout, Chamseddine Talhi, Hadi Otrok, Hamdi Yahyaoui

DOI: 10.1016/J.COMPELECENG.2015.09.021

Keywords: Computer security, Markup language, Access control, Syntax (programming languages), XACML, Computer science, Process (engineering), De facto standard, Policy analysis, Web service

Abstract: We provide UML profile for model-driven specification of XACML policies. We propose a set-based design-level policy analysis approach. We devise algorithms detection conflicts, redundancies, and flaws. We dynamic policies evaluation to control access critical resources. With lot hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Language) has become the widely used de facto standard managing open distributed service-based environments like Web services. However, any other language, complex syntax, which makes process both time consuming error prone, especially with large size that govern systems. Moreover, diversity rules conditions, hidden redundancies flaws are more likely arise, expose services security breaches at runtime. This paper proposes allows systematic resolve complexity designation. Based on mathematical sets explore meanings, provides also detect anomalies in specified policies, prior their enforcement system. A real life case study demonstrates feasibility efficiency proposition.
