Por favor, use este identificador para citar o enlazar este ítem:
http://hdl.handle.net/10609/109815
Registro completo de metadatos
Campo DC | Valor | Lengua/Idioma |
---|---|---|
dc.contributor.author | Preda, Stere | - |
dc.contributor.author | Cuppens, Frederic | - |
dc.contributor.author | Cuppens, Nora | - |
dc.contributor.author | Garcia-Alfaro, Joaquin | - |
dc.contributor.author | Toutain, Laurent | - |
dc.contributor.other | Universitat Oberta de Catalunya (UOC) | - |
dc.contributor.other | Institut Mines-Télécom | - |
dc.date.accessioned | 2020-02-18T08:23:52Z | - |
dc.date.available | 2020-02-18T08:23:52Z | - |
dc.date.issued | 2009-08-24 | - |
dc.identifier.citation | Preda, S., Cuppens, F., Cuppens, N., García Alfaro, J. & Toutain, L. (2011). Dynamic deployment of context-aware access control policies for constrained security devices. Journal of Systems and Software, 84(7), 1144-1159. doi: 10.1016/j.jss.2011.02.005 | es |
dc.identifier.issn | 0164-1212MIAR | - |
dc.identifier.uri | http://hdl.handle.net/10609/109815 | - |
dc.description.abstract | Securing the access to a server, guaranteeing a certain level of protection over an encrypted communication channel, executing particular counter measures when attacks are detected are examples of security requirements. Such requirements are identi ed based on organizational purposes and expectations in terms of resource access and availability and also on system vulnerabilities and threats. All these requirements belong to the so-called security policy. Deploying the policy means enforcing, i.e., con guring, those security components and mechanisms so that the system behavior be nally the one speci ed by the policy. The deployment issue becomes more di cult as the growing organizational requirements and expectations generally leave behind the integration of new security functionalities in the information system: the information system will not always embed the necessary security functionalities for the proper deployment of contextual security requirements. To overcome this issue, our solution is based on a central entity approach which takes in charge unmanaged contextual requirements and dynamically redeploys the policy when context changes are detected by this central entity. We also present an improvement over the OrBAC (Organization-Based Access Control) model. Up to now, a controller based on a contextual OrBAC policy is passive, in the sense that it assumes policy evaluation triggered by access requests. Therefore, it does not allow reasoning about policy state evolution when actions occur. The modi cations introduced by our work overcome this limitation and provide a proactive version of the model by integrating concepts from action speci cation languages. | en |
dc.format.mimetype | application/pdf | - |
dc.language.iso | eng | - |
dc.publisher | Journal of Systems and Software | - |
dc.relation.ispartof | Journal of Systems and Software, 2011, 84(7) | - |
dc.relation.uri | https://doi.org/10.1016/j.jss.2011.02.005 | - |
dc.rights | CC BY-NC-ND | - |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/3.0/es/ | - |
dc.subject | IT security | en |
dc.subject | network security | en |
dc.subject | authorization | en |
dc.subject | OrBAC | en |
dc.subject | seguretat informàtica | ca |
dc.subject | seguridad informática | es |
dc.subject | seguretat de xarxes | ca |
dc.subject | seguridad de redes | es |
dc.subject | autorització | ca |
dc.subject | autorización | es |
dc.subject | OrBAC | ca |
dc.subject | OrBAC | es |
dc.subject.lcsh | Computer security | en |
dc.title | Dynamic deployment of context-aware access control policies for constrained security devices | - |
dc.type | info:eu-repo/semantics/article | - |
dc.subject.lemac | Seguretat informàtica | ca |
dc.subject.lcshes | Seguridad informática | es |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | - |
dc.identifier.doi | 10.1016/j.jss.2011.02.005 | - |
dc.gir.id | AR/0000002455 | - |
dc.relation.projectID | info:eu-repo/grantAgreement/ANR-08-SEGI-018 | - |
dc.relation.projectID | info:eu-repo/grantAgreement/TSI2007-65406-C03-03 E-AEGIS | - |
dc.relation.projectID | info:eu-repo/grantAgreement/CONSOLIDER INGENIO 2010 CSD2007-0004 ARES | - |
dc.relation.projectID | info:eu-repo/grantAgreement/ICT FP7-257315 | - |
dc.type.version | info:eu-repo/semantics/submittedVersion | - |
Aparece en las colecciones: | Articles cientÍfics Articles |
Ficheros en este ítem:
Fichero | Descripción | Tamaño | Formato | |
---|---|---|---|---|
Garcia_Dynamic_JSS_pre.pdf | Pre-print | 1,09 MB | Adobe PDF | Visualizar/Abrir |
Comparte:
Este ítem está sujeto a una licencia Creative Commons Licencia Creative Commons