Towards Automatic Integration of Or-BAC Security Policies Using Aspects
Authors
Abstract
We propose a formal method to automatically integrate security rules regarding an access control policy (expressed in Or-BAC) in Java programs. Given an untrusted application and a set of Or-BAC security rules, our method derives corresponding AspectJ aspects. Derived aspects modify the behaviour of the underlying program so as to meet the policy. Then, these aspects are weaved into the target program (using the AspectJ compiler). The result is a trusted program on which the security policy is enforced. This approach was applied in order to secure the behaviour of a travel agency application.
Similar resources
Validation of Policy Integration Using Alloy
Organizations typically have multiple security policies operating together in the same system. The integration of multiple policies might be needed to achieve the desired security requirements. Validating this integrated policy is a non-trivial process. This paper addresses the problem of composing, modeling and validating the security policies. We show how the various approaches for composing ...
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
Dynamic Security Rules for Geo Data
A powerful and flexible authorization model should be able to cope with various security requirements. We show in this paper that we can use the Or-BAC model [1] to express security policies for spatial applications. We first add to Or-BAC the spatial predicates defined in the OpenGIS Geometry Model [2]. We then show how to model various types of spatial contexts. We finally use these spatial c...
AdOrBAC: an administration model for Or-BAC
Even though the final objective of an access control model is to provide a framework to decide if actions performed by subjects on objects are permitted or not, it is not convenient to directly specify an access control policy using concepts of subjects, objects and actions. This is why the Role Based Access Control (RBAC) model suggests using the concept of role as a more abstract concept than...
Cooperation & Conflict in Transatlantic Defence and Security Structure
The both Atlantic side relations from the ancient time had been faced with too much challenge but the continuing of this relation is due to the common political and economical interests. The upper Atlantic and the two organizations (NATO, EU) still exist to gain the essential goals and the political and security connection which are boosting with the economical integration at the same time. But...