Modeling contextual security policies

被引:0
|
作者
Frédéric Cuppens
Nora Cuppens-Boulahia
机构
[1] GET/ENST Bretagne,
来源
International Journal of Information Security | 2008年 / 7卷
关键词
Security policy; Context awareness; Access control; OrBAC;
D O I
暂无
中图分类号
学科分类号
摘要
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.
引用
收藏
页码:285 / 305
页数:20
相关论文
共 50 条
  • [1] Modeling contextual security policies
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2008, 7 (04) : 285 - 305
  • [2] Information systems security policies: a contextual perspective
    Karyda, M
    Kiountouzis, E
    Kokolakis, S
    COMPUTERS & SECURITY, 2005, 24 (03) : 246 - 260
  • [3] Architecture-Aware Adaptive Deployment of Contextual Security Policies
    Preda, Stere
    Cuppens-Boulahia, Nora
    Cuppens, Frederic
    Toutain, Laurent
    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS, 2010, : 87 - 95
  • [4] Framework for Modeling Security Policies of Big Data Processing Systems
    Poltavtseva, M. A.
    Ivanov, D. V.
    Zavadskii, E. V.
    AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2023, 57 (08) : 1063 - 1070
  • [5] Framework for Modeling Security Policies of Big Data Processing Systems
    M. A. Poltavtseva
    D. V. Ivanov
    E. V. Zavadskii
    Automatic Control and Computer Sciences, 2023, 57 : 1063 - 1070
  • [6] Modeling XACML Security Policies Using Graph Databases
    Paniagua Diez, Fidel
    Vasu, Amrutha Chikkanayakanahalli
    Suarez Touceda, Diego
    Sierra Camara, Jose Maria
    IT PROFESSIONAL, 2017, 19 (06) : 52 - 57
  • [7] Security Analysis of Administrative Role-Based Access Control Policies with Contextual Information
    Khai Kim Quoc Dinh
    Tuan Duc Tran
    Anh Truong
    FUTURE DATA AND SECURITY ENGINEERING, 2017, 10646 : 243 - 261
  • [8] A Survey on Context Security Policies in the Cloud
    Verginadis, Yiannis
    Mentzas, Gregoris
    Veloudis, Simcon
    Paraskakis, Iraklis
    2015 IEEE/ACM 8TH INTERNATIONAL CONFERENCE ON UTILITY AND CLOUD COMPUTING (UCC), 2015, : 589 - 594
  • [9] Enforcing Multiple Security Policies for Android System
    Guo, Tao
    Zhang, Puhan
    Liang, Hongliang
    Shao, Shuai
    PROCEEDINGS OF THE 2ND INTERNATIONAL SYMPOSIUM ON COMPUTER, COMMUNICATION, CONTROL AND AUTOMATION, 2013, 68 : 165 - 169
  • [10] SECURITY POLICIES AND THEIR CONNECTION WITH SECURITY STRATEGY AND SECURITY MANAGEMENT
    LIPPOLD, H
    STELZER, D
    KONRAD, P
    WIRTSCHAFTSINFORMATIK, 1992, 34 (04): : 367 - 377
12345