From model-driven specification to design-level set-based analysis of XACML policies
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Language) has become the widely used de facto standard for managing access to open and distributed service-based environments like Web services. However, like any other policy language, XACML has complex syn...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , , , |
| Format: | article |
| Published: |
2016
|
| Online Access: | http://hdl.handle.net/10725/5181 http://dx.doi.org/10.1016/j.compeleceng.2015.09.021 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://www.sciencedirect.com/science/article/pii/S0045790615003420 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513465355337728 |
|---|---|
| author | Mourad, Azzam |
| author2 | Tout, Hanine Talhi, Chamseddine Otrok, Hadi Yahyaoui, Hamdi |
| author2_role | author author author author |
| author_facet | Mourad, Azzam Tout, Hanine Talhi, Chamseddine Otrok, Hadi Yahyaoui, Hamdi |
| author_role | author |
| dc.creator.none.fl_str_mv | Mourad, Azzam Tout, Hanine Talhi, Chamseddine Otrok, Hadi Yahyaoui, Hamdi |
| dc.date.none.fl_str_mv | 2016 2017-02-06T07:41:09Z 2017-02-06T07:41:09Z 2017-02-06 |
| dc.identifier.none.fl_str_mv | 0045-7906 http://hdl.handle.net/10725/5181 http://dx.doi.org/10.1016/j.compeleceng.2015.09.021 Mourad, A., Tout, H., Talhi, C., Otrok, H., & Yahyaoui, H. (2016). From model-driven specification to design-level set-based analysis of XACML policies. Computers & Electrical Engineering, 52, 65-79. http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://www.sciencedirect.com/science/article/pii/S0045790615003420 |
| dc.language.none.fl_str_mv | en |
| dc.relation.none.fl_str_mv | Computers & Electrical Engineering |
| dc.rights.*.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.title.none.fl_str_mv | From model-driven specification to design-level set-based analysis of XACML policies |
| dc.type.none.fl_str_mv | Article info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/article |
| description | With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Language) has become the widely used de facto standard for managing access to open and distributed service-based environments like Web services. However, like any other policy language, XACML has complex syntax, which makes the policies specification process both time consuming and error prone, especially with large size policies that govern complex systems. Moreover, with the diversity of rules and conditions, hidden conflicts, redundancies and access flaws are more likely to arise, which expose Web services to security breaches at runtime. This paper proposes a UML profile that allows systematic model-driven specification of XACML policies to resolve the complexity of policies designation. Based on mathematical sets that explore the rules meanings, the paper provides also a design-level analysis to detect anomalies in the specified policies, prior to their enforcement in the system. A real life case study demonstrates the feasibility and efficiency of the proposition. |
| eu_rights_str_mv | openAccess |
| format | article |
| id | LAURepo_8aaaad180a1d666316d4cd738f6d5b01 |
| identifier_str_mv | 0045-7906 Mourad, A., Tout, H., Talhi, C., Otrok, H., & Yahyaoui, H. (2016). From model-driven specification to design-level set-based analysis of XACML policies. Computers & Electrical Engineering, 52, 65-79. |
| language_invalid_str_mv | en |
| network_acronym_str | LAURepo |
| network_name_str | Lebanese American University repository |
| oai_identifier_str | oai:laur.lau.edu.lb:10725/5181 |
| publishDate | 2016 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | From model-driven specification to design-level set-based analysis of XACML policiesMourad, AzzamTout, HanineTalhi, ChamseddineOtrok, HadiYahyaoui, HamdiWith lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Language) has become the widely used de facto standard for managing access to open and distributed service-based environments like Web services. However, like any other policy language, XACML has complex syntax, which makes the policies specification process both time consuming and error prone, especially with large size policies that govern complex systems. Moreover, with the diversity of rules and conditions, hidden conflicts, redundancies and access flaws are more likely to arise, which expose Web services to security breaches at runtime. This paper proposes a UML profile that allows systematic model-driven specification of XACML policies to resolve the complexity of policies designation. Based on mathematical sets that explore the rules meanings, the paper provides also a design-level analysis to detect anomalies in the specified policies, prior to their enforcement in the system. A real life case study demonstrates the feasibility and efficiency of the proposition.PublishedN/A2017-02-06T07:41:09Z2017-02-06T07:41:09Z20162017-02-06Articleinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/article0045-7906http://hdl.handle.net/10725/5181http://dx.doi.org/10.1016/j.compeleceng.2015.09.021Mourad, A., Tout, H., Talhi, C., Otrok, H., & Yahyaoui, H. (2016). From model-driven specification to design-level set-based analysis of XACML policies. Computers & Electrical Engineering, 52, 65-79.http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.phphttp://www.sciencedirect.com/science/article/pii/S0045790615003420enComputers & Electrical Engineeringinfo:eu-repo/semantics/openAccessoai:laur.lau.edu.lb:10725/51812021-03-19T10:00:56Z |
| spellingShingle | From model-driven specification to design-level set-based analysis of XACML policies Mourad, Azzam |
| status_str | publishedVersion |
| title | From model-driven specification to design-level set-based analysis of XACML policies |
| title_full | From model-driven specification to design-level set-based analysis of XACML policies |
| title_fullStr | From model-driven specification to design-level set-based analysis of XACML policies |
| title_full_unstemmed | From model-driven specification to design-level set-based analysis of XACML policies |
| title_short | From model-driven specification to design-level set-based analysis of XACML policies |
| title_sort | From model-driven specification to design-level set-based analysis of XACML policies |
| url | http://hdl.handle.net/10725/5181 http://dx.doi.org/10.1016/j.compeleceng.2015.09.021 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://www.sciencedirect.com/science/article/pii/S0045790615003420 |