An Effective Modality Conflict Model for Identifying Applicable Policies During Policy Evaluation
Subject Areas : Databases, Data/Information QualityHamidah Ibrahim 1 , Fatimah Sidi 2 , Nur Izura Udzir 3 , Poh Kuang Teo 4
1 - Department of Computer Science
Faculty of Computer Science and Information Technology
2 - Department of Computer Science
Faculty of Computer Science and Information Technology
3 - Department of Computer Science
Faculty of Computer Science and Information Technology
4 - Department of Computer Science
Faculty of Computer Science and Information Technology
Keywords:
Abstract :
[1] Almutairi, A., Sarfraz, M., Basalamah, S., Aref, W., and Ghafoor, A. 2012. A Distributed Access Control Architecture for Cloud Computing. IEEE Software, 29(2), pp. 36-44.
[2] Ammar, N., Malik, Z., Bertino, E., & Rezgui, A. 2015. XACML Policy Evaluation with Dynamic Context Handling. IEEE Transactions on Knowledge and Data Engineering, 27(9), pp. 2575-2588.
[3] Bertino, E., Ghinita, G., and Kamra, A. 2011. Access Control for Databases: Concepts and Systems. Foundations and Trends in Databases, 3(1-2), pp. 1-148.
[4] Brodecki, B., Szychowiak, M., and Sasak, P. 2012. Security Policy Conflicts in Service Oriented Systems. New Generation Computing, 30(2-3), pp. 215-240.
[5] di Vimercati, S. D. C., Foresti, S., Jajodia, S., and Samarati, P. 2007. Access Control Policies and Languages in Open Environments. Secure Data Management in Decentralized Systems, pp. 21-58.
[6] Hu, H., Ahn, G., and Kulkarni, K. 2013. Discovery and Resolution of Anomalies in Web Access Control Policies. IEEE Transactions on Dependable and Secure Computing, 10(6), pp. 341-354.
[7] Jajodia, S., Samarati, P., Sapino, M. L., and Subrahmanian, V. 2001. Flexible Support for Multiple Access Control Policies. ACM Transactions on Database Systems (TODS), 26(2), pp. 214-260.
[8] Lin, D., Rao, P., Ferrini, R., Bertino, E., and Lobo, J. 2013. A Similarity Measure for Comparing XACML Policies. IEEE Transactions on Knowledge and Data Engineering, 25(9), pp. 1946-1959.
[9] Liu, A. X., Chen, F., Hwang, J., and Xie, T. 2011. Designing Fast and Scalable XACML Policy Evaluation Engines. IEEE Transactions on Computers, 60(12), pp. 1802-1817.
[10] Ngo, C., Demchenko, Y., and Laat, C. D. 2015. Decision Diagrams for XACML Policy Evaluation and Management. Journal of Computers and Security, 49, pp. 1-16.
[11] Priebe, T., Dobmeier, W., Schläger, C., and Kamprath, N. 2007. Supporting Attribute Based Access Control in Authorization and Authentication Infrastructures with Ontologies. Journal of Software, 2(1), pp. 27-38.
[12] Shaikh, R. A., Adi, K., and Logrippo, L. 2016. A Data Classification Method for Inconsistency and Incompleteness Detection in Access Control Policy Sets. International Journal of Information Security, pp. 1-23.
[13] Singh, K. and Singh, S. 2010. Design and Evaluation of XACML Conflict Policies Detection Mechanism. International Journal of Computer Science and Information Technology, 2, pp. 65-74.
[14] Adi, K., Bouzida, Y., Hattak, I., Logrippo, L., and Mankovskii, S. 2009. Typing for Conflict Detection in Access Control Policies. Proceedings of the 4th International Conference on E-Technologies (MCETECH), pp. 212-226.
[15] Bertino, E., Buccafurri, F., Ferrari, E., and Rullo, P. 1998. An Authorization Model and its Formal Semantics. Proceedings of the 5th European Symposium on Research in Computer Security (ESORICS), pp. 127-142.
[16] Damiani, E., di Vimercati, S. D. C., Fugazza, C., and Samarati, P. 2006. Modality Conflicts in Semantics Aware Access Control. Proceedings of the 6th International Conference on Web Engineering (ICWE), pp. 249-256.
[17] Dong, C., Russello, G., and Dulay, N. 2008. Flexible Resolution of Authorisation Conflicts in Distributed Systems. Proceedings of the 19th International Workshop on Distributed Systems: Operations and Management (DSOM), pp. 95-108.
[18] Fatema, K. and Chadwick, D. 2014. Resolving Policy Conflicts-Integrating Policies from Multiple Authors. Proceedings of the International Conference on Advanced Information Systems Engineering (CAiSE), pp. 310-321.
[19] Kamoda, H., Yamaoka, M., Matsuda, S., Broda, K., and Sloman, M. 2005. Policy Conflict Analysis using Free Variable Tableaux for Access Control in Web Services Environments. Proceedings of the 14th International World Wide Web Conference (WWW), pp. 121-126.
[20] Teo, P. K., Ibrahim, H., Udzir, N. I., and Sidi, F. 2013. Heterogeneity XACML Policy Evaluation Engine. Proceedings of the 2nd International Conference on Digital Enterprise and Information Systems(DEIS), pp. 230-238.
[21] Mohan, A., Blough, D. M., Kurc, T., Post, A., and Saltz, J. 2011. Detection of Conflicts and Inconsistencies in Taxonomy Based Authorization Policies. Proceedings of the 2011 IEEE International Conference on Bioinformatics and Biomedicine (BIBM), pp. 590-594.
[22] Neri, M. A., Guarnieri, M., Magri, E., Mutti, S., and Paraboschi, S. 2012. Conflict Detection in Security Policies using Semantic Web Technology. Proceedings of the 1st AESS European Conference on Satellite Telecommunications (ESTEL), pp. 1-6.
[23] Reul, Q. and Zhao, G. 2010. Enabling Access to Web Resources through SecPODE-based Annotations. Proceedings of the 2010 Confederated International Conferences on the Move to Meaningful Internet Systems (OTM), pp. 596-605.
[24] Russello, G., Dong, C., and Dulay, N. 2007. Authorisation and Conflict Resolution for Hierarchical Domains. Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 201-210.
[25] Stepien, B. and Felty, A. 2016. Using Expert Systems to Statically Detect “Dynamic” Conflicts in XACML. Proceedings of the 11th International Conference on Availability, Reliability and Security (ARES).
[26] Xia, X. 2012. A Conflict Detection Approach for XACML Policies on Hierarchical Resources. Proceedings of the 2012 IEEE International Conference on Green Computing and Communications (GREENCOM), pp. 755-760.
