Modeling contextual security policies

被引:0
|
作者
Frédéric Cuppens
Nora Cuppens-Boulahia
机构
[1] GET/ENST Bretagne,
来源
International Journal of Information Security | 2008年 / 7卷
关键词
Security policy; Context awareness; Access control; OrBAC;
D O I
暂无
中图分类号
学科分类号
摘要
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.
引用
收藏
页码:285 / 305
页数:20
相关论文
共 50 条
  • [1] Modeling contextual security policies
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2008, 7 (04) : 285 - 305
  • [2] Modeling context-based security policies with contextual graphs
    Mostéfaoui, GK
    Brézillon, P
    SECOND IEEE ANNUAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS WORKSHOPS, PROCEEDINGS, 2004, : 28 - 32
  • [3] Information systems security policies: a contextual perspective
    Karyda, M
    Kiountouzis, E
    Kokolakis, S
    COMPUTERS & SECURITY, 2005, 24 (03) : 246 - 260
  • [4] Using contextual security policies for threat response
    Debar, Herve
    Thomas, Yohann
    Boulahia-Cuppens, Nora
    Cuppens, Frederic
    DETECTION OF INTRUSIONS AND MALWARE & VULNERABILITY ASSESSMENT, PROCEEDINGS, 2006, 4064 : 109 - 128
  • [5] Modeling Security Policies with Recommendations
    Essaouini, Nada
    El Kalam, Anas Abou
    Ouahman, Abdellah Ait
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2011, 11 (11): : 129 - 138
  • [6] Architecture-Aware Adaptive Deployment of Contextual Security Policies
    Preda, Stere
    Cuppens-Boulahia, Nora
    Cuppens, Frederic
    Toutain, Laurent
    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS, 2010, : 87 - 95
  • [7] Modeling and Verification of ATM Security Policies with SecBPMN
    Salnitri, Mattia
    Giorgini, Paolo
    2014 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION (HPCS), 2014, : 588 - 591
  • [8] Managing security policies: Modeling, verification and configuration
    Al-Shaer, Ehab
    Neuman, Clifford
    Li, Hong
    Verma, Dinesh C.
    Chung, Anthony
    JOURNAL OF HIGH SPEED NETWORKS, 2006, 15 (03) : 207 - 208
  • [9] From State-based to Event-based Contextual Security Policies
    ElRakaiby, Yehia
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    2009 FOURTH INTERNATIONAL CONFERENCE ON DIGITAL INFORMATION MANAGEMENT, 2009, : 220 - 226
  • [10] FSM Modeling of Testing Security Policies for MapReduce Frameworks
    Hsaini, Sara
    Azzouzi, Salma
    Charaf, My El Hassan
    2019 6TH INTERNATIONAL CONFERENCE ON CONTROL, DECISION AND INFORMATION TECHNOLOGIES (CODIT 2019), 2019, : 1480 - 1485
12345