Modeling contextual security policies

被引:0
作者
Frédéric Cuppens
Nora Cuppens-Boulahia
机构
[1] GET/ENST Bretagne,
来源
International Journal of Information Security | 2008年 / 7卷
关键词
Security policy; Context awareness; Access control; OrBAC;
D O I
暂无
中图分类号
学科分类号
摘要
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.
引用
收藏
页码:285 / 305
页数:20
相关论文
共 50 条
  • [41] Problem Analyses and Recommendations in DRM Security Policies
    Kim, Youngseek
    Howard, Jessica
    Ravindranath, Sharad
    Park, Joon S.
    INTELLIGENCE AND SECURITY INFORMATICS, PROCEEDINGS, 2008, 5376 : 165 - 178
  • [42] Security Policies as Membranes in Systems for Global Computing
    Gorla, Daniele
    Hennessy, Matthew
    Sassone, Vladimiro
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 138 (01) : 23 - 42
  • [43] Supporting reconfigurable security policies for mobile programs
    Hashii, B
    Malabarba, S
    Pandey, R
    Bishop, M
    COMPUTER NETWORKS, 2000, 33 (1-6) : 77 - 93
  • [44] Dealing with Multi Security Policies in Communication Networks
    Abassi, Ryma
    El Fatmi, Sihem Guemara
    ICNS: 2009 FIFTH INTERNATIONAL CONFERENCE ON NETWORKING AND SERVICES, 2009, : 282 - 287
  • [45] Preparing for Cyber Threats with Information Security Policies
    Ilvonen, Ilona
    Virtanen, Pasi
    INTERNATIONAL JOURNAL OF CYBER WARFARE AND TERRORISM, 2013, 3 (04) : 22 - 31
  • [46] Privacy, Security and Policies of the Semantic Web: A Review
    Al Azwari, Sana
    JOURNAL OF ADVANCES IN INFORMATION TECHNOLOGY, 2022, 13 (01) : 85 - 94
  • [47] CBPM: An Approach for Contextual Business Process Modeling
    El Bouroumi, Jamal
    Guermah, Hatim
    Nassar, Mahmoud
    Kriouile, Abdelaziz
    2020 FOURTH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING IN DATA SCIENCES (ICDS), 2020,
  • [48] Adaptive identity and access management-contextual data based policies
    Hummer, Matthias
    Kunz, Michael
    Netter, Michael
    Fuchs, Ludwig
    Pernul, Guenther
    EURASIP JOURNAL ON INFORMATION SECURITY, 2016,
  • [49] Using Hierarchical Timed Coloured Petri Nets in the formal study of TRBAC security policies
    Ben Attia, Hasiba
    Kahloul, Laid
    Benhazrallah, Saber
    Bourekkache, Samir
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2020, 19 (02) : 163 - 187
  • [50] Specification and Deployment of Integrated Security Policies for Outsourced Data
    Bkakria, Anis
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    Gross-Amblard, David
    DATA AND APPLICATIONS SECURITY AND PRIVACY XXVIII, 2014, 8566 : 17 - 32
12345