Specification and enforcement of flexible security policy for active cooperation

نویسندگان

  • Yuqing Sun
  • Bin Gong
  • Xiangxu Meng
  • Zongkai Lin
  • Elisa Bertino
چکیده

Although traditional access control models and their extensions can be content-aware or dynamically enforced based on predefined rules, they are still less expressive for above active security policies, especially without considering the transaction data and much more attributes with different impact factors. Flexible enforcement: allowing environmental factors to influence how and when security policy is enforced. Dynamically monitoring the state changes of an underlying system and take into account the changes into policy enforcement. Flexible adjustment: allowing smooth update of security policy without huge hop of legacy system operation

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Domain Based Internet Security Policy Management

Abstract. As security devices and protocols become widely used on the Internet, the task of managing and processing communication security policies grows steeply in its complexity. This paper presents a scaleable, robust, secure distributed system that can manage communication security policies associated with multiple network domains and resolving the policies — esp. those that specify the use...

متن کامل

A model for specification, composition and verification of access control policies and its application to web services

Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...

متن کامل

Semantic Security: Specification and Enforcement of Semantic Policies for Security-driven Collaborations

Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is...

متن کامل

Policy Specification Using Sequence Diagrams

With the ever increasing importance of computer networks such as the Internet, and the today almost ubiquitous online services, the needs for the management of these networks and services, as well as the management of the associated security, risk and trust are growing correspondingly. Policy based management of information systems has the last decade emerged as an adaptive and flexible approac...

متن کامل

A semantic-aware role-based access control model for pervasive computing environments

Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • Inf. Sci.

دوره 179  شماره 

صفحات  -

تاریخ انتشار 2009