Modeling contextual security policies

被引:0
|
作者
Frédéric Cuppens
Nora Cuppens-Boulahia
机构
[1] GET/ENST Bretagne,
来源
International Journal of Information Security | 2008年 / 7卷
关键词
Security policy; Context awareness; Access control; OrBAC;
D O I
暂无
中图分类号
学科分类号
摘要
As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. In OrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context. A context is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.
引用
收藏
页码:285 / 305
页数:20
相关论文
共 50 条
  • [31] A Contextual Guidance Approach to Software Security
    Schugerl, Philipp
    Walsh, David
    Rilling, Juergen
    Charland, Philippe
    2009 IEEE 33RD INTERNATIONAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE, VOLS 1 AND 2, 2009, : 867 - +
  • [32] Security Mechanisms Planning to Enforce Security Policies
    Bkakria, Anis
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    Gross-Amblard, David
    FOUNDATIONS AND PRACTICE OF SECURITY (FPS 2015), 2016, 9482 : 85 - 101
  • [33] Mandatory security policies for CORBA security model
    Westphall, CA
    Fraga, JD
    Westphall, CB
    Bianchi, SCS
    SECURITY IN THE INFORMATION SOCIETY: VISIONS AND PERSPECTIVES, 2002, 86 : 251 - 262
  • [34] Risking Security: Policies and Paradoxes of Cyberspace Security
    Deibert, Ronald J.
    Rohozinski, Rafal
    INTERNATIONAL POLITICAL SOCIOLOGY, 2010, 4 (01) : 15 - 32
  • [35] Policies for Contextual Bandit Problems with Count Payoffs
    Gisselbrecht, Thibault
    Lamprier, Sylvain
    Gallinari, Patrick
    2015 IEEE 27TH INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE (ICTAI 2015), 2015, : 542 - 549
  • [36] Tourism Policies of Bangladesh-A Contextual Analysis
    Hassan, Azizul
    Burns, Peter
    TOURISM PLANNING & DEVELOPMENT, 2014, 11 (04) : 463 - 466
  • [37] Travelling policies and contextual considerations: on threshold criteria
    Nir, Adam
    Kondakci, Yasar
    Emil, Serap
    COMPARE-A JOURNAL OF COMPARATIVE AND INTERNATIONAL EDUCATION, 2018, 48 (01) : 21 - 38
  • [38] Implementation and In Situ Assessment of Contextual Privacy Policies
    Ortloff, Anna-Marie
    Windl, Maximiliane
    Schwind, Valentin
    Henze, Niels
    PROCEEDINGS OF THE 2020 ACM DESIGNING INTERACTIVE SYSTEMS CONFERENCE (DIS 2020), 2020, : 1765 - 1778
  • [39] Modeling Security Policies for Mitigating The Risk Of Load Altering Attacks On Smart Grid Systems
    Ryutov, Tatyana
    AlMajali, Anas
    Neuman, Clifford
    2015 WORKSHOP ON MODELING AND SIMULATION OF CYBER-PHYSICAL ENERGY SYSTEMS (MSCPES), 2015,
  • [40] Modeling and Enforcing Security and Service Control Policies using FlexRFID Middleware Healthcare Scenarios
    El Khaddar, Mehdia Ajana
    Chraibi, Mhammed
    Harroud, Hamid
    Boulmalf, Mohammed
    Elkoutbi, Mohammed
    Maach, Abdelilah
    2014 SCIENCE AND INFORMATION CONFERENCE (SAI), 2014, : 461 - 467
12345