Toward an abstract language on top of XACML for web services security
We introduce in this paper an abstract language on top of XACML (eXtensible Access Control Markup Language) for web services security. It is based on the automatic generation of XACML security policies from abstract XACML profile(s). Our proposed approach allows first to specify the XACML profiles,...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , , |
| Format: | conferenceObject |
| Published: |
2017
|
| Online Access: | http://hdl.handle.net/10725/5354 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6148453/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513465828245504 |
|---|---|
| author | Mourad, Azzam |
| author2 | Otrok, Hadi Yahyaoui, Hamdi Baajour, Lama |
| author2_role | author author author |
| author_facet | Mourad, Azzam Otrok, Hadi Yahyaoui, Hamdi Baajour, Lama |
| author_role | author |
| dc.creator.none.fl_str_mv | Mourad, Azzam Otrok, Hadi Yahyaoui, Hamdi Baajour, Lama |
| dc.date.none.fl_str_mv | 2017-03-10T09:06:27Z 2017-03-10T09:06:27Z 2017-03-10 |
| dc.identifier.none.fl_str_mv | 9781908320001 http://hdl.handle.net/10725/5354 Mourad, A., Otrok, H., Yahyaoui, H., & Baajour, L. (2011, December). Toward an abstract language on top of XACML for web services security. In Internet Technology and Secured Transactions (ICITST), 2011 International Conference for (pp. 254-259). IEEE. http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6148453/ |
| dc.language.none.fl_str_mv | en |
| dc.publisher.none.fl_str_mv | IEEE |
| dc.rights.*.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.title.none.fl_str_mv | Toward an abstract language on top of XACML for web services security |
| dc.type.none.fl_str_mv | Conference Paper / Proceeding info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/conferenceObject |
| description | We introduce in this paper an abstract language on top of XACML (eXtensible Access Control Markup Language) for web services security. It is based on the automatic generation of XACML security policies from abstract XACML profile(s). Our proposed approach allows first to specify the XACML profiles, which are then translated using our intended compiler into XACML security policies. The main contributions of our approach are: (1) Describing dynamic security policies using an abstract and user friendly profile language on top of XACML, (2) generating automatically the the XACML policies and (3) separating the business and security concerns of composite web services, and hence developing them separately. Our solution address the problems related to the complexity and difficulty of specifying security policies in XACML and other standard languages. We tested the feasibility of our approach by developing the library system (LB) that is composed of several Web services and applying/realizing our approach to enforce security. |
| eu_rights_str_mv | openAccess |
| format | conferenceObject |
| id | LAURepo_87dfe6d520bec90e9764bc4164f065ca |
| identifier_str_mv | 9781908320001 Mourad, A., Otrok, H., Yahyaoui, H., & Baajour, L. (2011, December). Toward an abstract language on top of XACML for web services security. In Internet Technology and Secured Transactions (ICITST), 2011 International Conference for (pp. 254-259). IEEE. |
| language_invalid_str_mv | en |
| network_acronym_str | LAURepo |
| network_name_str | Lebanese American University repository |
| oai_identifier_str | oai:laur.lau.edu.lb:10725/5354 |
| publishDate | 2017 |
| publisher.none.fl_str_mv | IEEE |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | Toward an abstract language on top of XACML for web services securityMourad, AzzamOtrok, HadiYahyaoui, HamdiBaajour, LamaWe introduce in this paper an abstract language on top of XACML (eXtensible Access Control Markup Language) for web services security. It is based on the automatic generation of XACML security policies from abstract XACML profile(s). Our proposed approach allows first to specify the XACML profiles, which are then translated using our intended compiler into XACML security policies. The main contributions of our approach are: (1) Describing dynamic security policies using an abstract and user friendly profile language on top of XACML, (2) generating automatically the the XACML policies and (3) separating the business and security concerns of composite web services, and hence developing them separately. Our solution address the problems related to the complexity and difficulty of specifying security policies in XACML and other standard languages. We tested the feasibility of our approach by developing the library system (LB) that is composed of several Web services and applying/realizing our approach to enforce security.N/AIEEE2017-03-10T09:06:27Z2017-03-10T09:06:27Z2017-03-10Conference Paper / Proceedinginfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject9781908320001http://hdl.handle.net/10725/5354Mourad, A., Otrok, H., Yahyaoui, H., & Baajour, L. (2011, December). Toward an abstract language on top of XACML for web services security. In Internet Technology and Secured Transactions (ICITST), 2011 International Conference for (pp. 254-259). IEEE.http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.phphttp://ieeexplore.ieee.org/abstract/document/6148453/eninfo:eu-repo/semantics/openAccessoai:laur.lau.edu.lb:10725/53542021-04-06T13:27:07Z |
| spellingShingle | Toward an abstract language on top of XACML for web services security Mourad, Azzam |
| status_str | publishedVersion |
| title | Toward an abstract language on top of XACML for web services security |
| title_full | Toward an abstract language on top of XACML for web services security |
| title_fullStr | Toward an abstract language on top of XACML for web services security |
| title_full_unstemmed | Toward an abstract language on top of XACML for web services security |
| title_short | Toward an abstract language on top of XACML for web services security |
| title_sort | Toward an abstract language on top of XACML for web services security |
| url | http://hdl.handle.net/10725/5354 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6148453/ |