Modeling contextual security policies

International Journal of Information Security

Volumn 7, Issue 4, 2008, Pages 285-305

  Cuppens, Frédéric ^a   Cuppens Boulahia, Nora ^a  

^a ECOLE DES MINES DE NANTES   (France)

Author keywords

Access control; Context awareness; OrBAC; Security policy

Indexed keywords

ARSENIC COMPOUNDS; SECURITY SYSTEMS;

COMPUTER INFRASTRUCTURES; SECURITY MODELING; SECURITY POLICIES;

ACCESS CONTROL;

EID: 47649083260     PISSN: 16155262     EISSN: 16155270     Source Type: Journal    
DOI: 10.1007/s10207-007-0051-9     Document Type: Article

References (47)

1. Adam N., Atluri V. and Huang W.-K. (1998). Modeling and analysis of workflows using petri nets. J Int. Inf. Syst. 10(2): 131-158
2. Ahn G.-J. and Sandhu R. (2000). Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3(4): 207-226
3. Ahn, G.-J., Shin, M.E.: Role-based authorization constraints specification using object constraint language. In: 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), MA, USA, (2001)
4. Al-Kahtani, M.A., Sandhu, R.: A model for attribute-based uSer-role assignment. In: 18th Annual Computer Security Applications Conference (ACSAC'02), Las Vegas, Nevada, December 2002
5. Atluri, V., Huang, W.-K.: An authorization model for workflows. In: ESORICS'96, vol. 1146. LNCS (1996)
6. BeckeF, M., Sewell, P.: Cassandra: flexible trust management, applied to eelctronic health records. In: The Computer Security Foundations Workshop (CSFW), Pacific Grove, CA, June 2004
7. Bell, D.E., La PaduUa, L.J.: Secure computer systems: unified exposition and multics interpretation. Technical Report ESD-TR-75-306, MTR-2997, Rev. 1, MITRE Corporation, Bedfort, MA, March 1976
8. Bertino E., Bonatti P.A. and Ferrari E. (2001). A Temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3): 191-233
9. Bertino, E., Catania, E., Damiani, M., Persasca, P.: GEO-RBAC: A spatially aware RBAC. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), Chantilly, VA, USA, May 2001
10. Bertino E., Ferrari E. and Atluri V. (1999). An Authorization Model for Supporting the Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Trans. Inf. Syst. Secur. 2(1): 65-104
11. Cholewka, D.G., Botha, R.A., Eloff, J.H.P.: A context-sensitive access control model and prototype implementation. In: IFIP TC 11 16th Annual Working Conference on Information Security, Beijing, China, August 2000
12. Open GIS Consortium. Open GIS Simple Features Specification for SQL. Revision January 1, 1999
13. Corradi, A., Montanari, R., Tibaldi, D.: Context-based access control in ubiquitous environments. In: 3rd IEEE International Symposium on Network Computing and Applications (NCA), August 2004
14. Covington, M.J., Long, W., Srinivasan, S., Dey, A., Ahamad, M., Abowd, G.: Securing context-aware applications using environment roles. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, Virginia, USA, May 2001
15. Covington, M.J., Moyer, M.J., Ahamad, M.: Generalized role-based access control for securing future applications. In: Proceedings of the 23rd National Information Systems Security Conference, (NISSC), Baltimore, MD, USA, October 2000
16. Cuppens, F., Cuppens-Boulahia, N., Ben Ghorbel M.: High-level conflict management strategies in advanced access control models. Electronic Notes in Theoretical Computer Science (ENTCS), 186, July 2007
17. Cuppens, F., Cuppens-Boulahia, N., Miège, A.: Inheritance hierarchies in the Or-BAC Model and Application in a network environnement. In: 2nd Foundation of Computer Security Workshop, Turku, Finlande, July (2004)
18. Cuppens, F., Cuppens-Boulahia, N., Sans, T.: Nomad: A Security Model with Non Atomic Actions and Deadlines. In: The computer security foundations workshop (CSFW), Aix en Provence, France (2005)
19. Cuppens, F., Miège, A.: Modeling contexts in the Or-BAC model. In: 19th Annual Computer Security Applications Conference (ACSAC'03) 2003
20. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language. In: International Workshop, Policies for Distributed Systems and Neworks (Policy 2001), Bristol, UK, January (2001)
21. Debar, H., Thomas, Y., Cuppens-Boulahia, N., Cuppens, F.: Using contextual security policies for threat response. In: Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA) (2006)
22. Fischer-Hubner, S., Ott, A.: From a formal privacy model to its implementation. In: Proceedings of the 21st National Information Systems Security Conference (1998)
23. Fu, S., Xu C.-Z.: A coordinated spatio-temporal access control model for mobile computing in coalition environments. In: 19th IEEE International Parallel and Distributed Processing Symposium, April 2005
24. Georgiadis, C., Mavridis, I., Pangalos, G.: Context and role based hybrid access control for collaborative environments. In: Proceedings of the Fifth Nordic Workshop on Secure IT Systems - Encouraging Co-operation (NORDSEC 2000), Reykjavik, Iceland, October 2000
25. Georgiadis, C.K., Mavridis, I., Pangalos, G., Thomas R.K.: Flexible team-based access control using contexts. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, VA, USA, May (2001)
26. Halpern, J., Weissman, V.: Using first-order logic to reason about policies. In: Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW'03) 2003
27. Hansen, F., Oleshchuk, V.: Spatial role-based access control model for wireless networks. In: IEEE 58th Vehicular Technology Conference, VTC 2003-Fall, vol. 3, October (2003)
28. Harrison M., Ruzzo W. and Ullman J. (1976). Protection in operating systems. CACM 19(8): 461-471
29. Holbein, R., Morger, O., Nitsche, U., Teufel, S.: Realization of a context-dependent access control mechanism on a commercial platform. In: IFIP 14th International Conference on Information Security (IFIP/ Sec'98), Vienna-Budapest, Austria-Hungary, August 31-September 4 1998
30. Jajodia S., Kudo M. and Subrahmanian V.S. (2001). Provisional authorizations. In: Ghosh, A. (eds) E-commerce Security and Privacy, pp 133-159. Kluwer, Norwell
31. Jajodia, S., Samarati, P., Subrahmanian, V.S.: A logical language for expressing authorizations. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 31-42, Oakland, CA, USA (1997)
32. Joshi J.B.D., Bertino E. and Ghafoor A. (2005). Analysis of expressiveness and design issues for a temporal role based access control model. IEEE Trans. Dependable Secur. Comput. 2(2): 157-175
33. Joshi J.B.D., Bertino E., Latif U. and Ghafoor A. (2005). Generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1): 4-23
34. Kalam, A.A.E., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization based access control. In: 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), Lake Como, Italy, June (2003)
35. Kudo, M., Hada, S.: XML document security based on provisional authorization. In: Proceedings of the 7th ACM Conference on Computer and Communication Security (CCS 2000). Athens, Greece (2000)
36. Kuhn, M.G.: Optical time-domain eavesdropping risks of CRT displays. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, Oakland, CA, USA (2002)
37. McDaniel, P.: On context in Authorization Policy. In: Proceedings of the 8th ACM Symposium On Access Control Models and Technologies (SACMAT 2003). Como, Italy, June 2003
38. Pan, F., Hobbs, J.: Time in OWL-S. In: AAAI Spring Symposium Series on Semantic Web Services. Palo Alto, CA, USA (2004)
39. Park J. and Sandhu R.S. (2004). The UCON ABC usage control model. ACM Trans. Inf. Sys. Secur. 7(1): 128-174
40. Sandhu R.S., Coyne E.J., Feinstein H.L. and Youman C.E. (1996). Role-based access control models. IEEE Comput. 29(2): 38-47
41. Sans, T., Cuppens, F., Cuppens-Boulahia, N.: A flexible and distributed architecture to enforce dynamic access control. In: 21st IFIP TC-11 International Information Security Conference (SEC 2006), Karlstad, Sweden, May 2006
42. Strembeck M. and Neumann G. (2004). An integrated approach to engineer and enforce context constraints in RBAC environements. ACM Trans. Inf. Sys. Secur. 7(3): 392-427
43. Thomas, R.K.: TMAC: A primitive for applying RBAC in collaborative environment. In: 2nd ACM, Workshop on RBAC, pp. 13-19. FairFax, VA (1997)
44. Toman D. (1997). Memoing evaluation for constraint extensions of datalog. Constraints 2(3/4): 337-359
45. Ullman J.D. (1989). Principles of Database and Knowledge-Base Systems, vol. II. Computer Science Press, New York
46. Wedde, H., Lischka, M.: Role-based access control in Ambient and remote Space. In: 9th ACM Symposium on Access Control Models and Technologies (SACMAT 2004), Yorktown Heights, New York, USA, June 2004
47. Zhang, G., Parashar, M.: Dynamic context-aware access control for grid applications. In: 4th International Wrokshop on Grid Computing, November (2003)