Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems - ICT Systems Security and Privacy Protection Access content directly
Conference Papers Year : 2015

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Abstract

Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.

Domains

Software Engineering [cs.SE]
Fichier principal
Vignette du fichier
SEC2015.pdf (311.64 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Salvador Martínez  : Connect in order to contact the contributor

https://inria.hal.science/hal-01152528

Submitted on : Monday, May 18, 2015-10:17:42 AM

Last modification on : Friday, January 5, 2024-3:25:00 AM

Long-term archiving on: Thursday, April 20, 2017-12:40:16 AM

Download

Dates and versions

hal-01152528 , version 1 (18-05-2015)

Identifiers

Cite

Salvador Martínez, Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Bouhlahia, Jordi Cabot. Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.218-233, ⟨10.1007/978-3-319-18467-8_15⟩. ⟨hal-01152528⟩

Export

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

UNIV-BREST UNIV-NANTES INSTITUT-TELECOM CNRS INRIA LINA TELECOM-SUDPARIS INFO ENIB LAB-STICC_ENIB IFIP IFIP-AICT LAB-STICC INRIA2 IFIP-TC IFIP-TC11 IFIP-AICT-455 IFIP-SEC LAB-STICC_TB LS2N IMT-ATLANTIQUE NANTES-UNIVERSITE
373 View
248 Download

Altmetric

Share

Gmail Facebook X LinkedIn More