Model-Driven integration and analysis of Access-control policies in Multi-layer information systems

Salvador Martínez; Joaquin Garcia-Alfaro; Frédéric Cuppens; Nora Cuppens-Boulahia; Jordi Cabot

doi:10.1007/978-3-319-18467-8_15

Model-Driven integration and analysis of Access-control policies in Multi-layer information systems

Salvador Martínez, Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia, Jordi Cabot

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.

Original language	English
Title of host publication	ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings
Editors	Hannes Federrath, Dieter Gollmann
Publisher	Springer New York LLC
Pages	218-233
Number of pages	16
ISBN (Print)	9783319184661
DOIs	https://doi.org/10.1007/978-3-319-18467-8_15
Publication status	Published - 1 Jan 2015
Event	30th IFIP TC 11 International Information Security and Privacy Conference, SEC 2015 - Hamburg, Germany Duration: 26 May 2015 → 28 May 2015

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	455
ISSN (Print)	1868-4238

Conference

Conference	30th IFIP TC 11 International Information Security and Privacy Conference, SEC 2015
Country/Territory	Germany
City	Hamburg
Period	26/05/15 → 28/05/15

Access to Document

10.1007/978-3-319-18467-8_15

Cite this

Martínez, S., Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., & Cabot, J. (2015). Model-Driven integration and analysis of Access-control policies in Multi-layer information systems. In H. Federrath, & D. Gollmann (Eds.), ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings (pp. 218-233). (IFIP Advances in Information and Communication Technology; Vol. 455). Springer New York LLC. https://doi.org/10.1007/978-3-319-18467-8_15

Martínez, Salvador ; Garcia-Alfaro, Joaquin ; Cuppens, Frédéric et al. / Model-Driven integration and analysis of Access-control policies in Multi-layer information systems. ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings. editor / Hannes Federrath ; Dieter Gollmann. Springer New York LLC, 2015. pp. 218-233 (IFIP Advances in Information and Communication Technology).

@inproceedings{74ebf6a87c8241618420619d133235d8,

title = "Model-Driven integration and analysis of Access-control policies in Multi-layer information systems",

abstract = "Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.",

author = "Salvador Mart{\'i}nez and Joaquin Garcia-Alfaro and Fr{\'e}d{\'e}ric Cuppens and Nora Cuppens-Boulahia and Jordi Cabot",

note = "Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2015.; 30th IFIP TC 11 International Information Security and Privacy Conference, SEC 2015 ; Conference date: 26-05-2015 Through 28-05-2015",

year = "2015",

month = jan,

day = "1",

doi = "10.1007/978-3-319-18467-8\_15",

language = "English",

isbn = "9783319184661",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer New York LLC",

pages = "218--233",

editor = "Hannes Federrath and Dieter Gollmann",

booktitle = "ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings",

}

Martínez, S, Garcia-Alfaro, J, Cuppens, F, Cuppens-Boulahia, N & Cabot, J 2015, Model-Driven integration and analysis of Access-control policies in Multi-layer information systems. in H Federrath & D Gollmann (eds), ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings. IFIP Advances in Information and Communication Technology, vol. 455, Springer New York LLC, pp. 218-233, 30th IFIP TC 11 International Information Security and Privacy Conference, SEC 2015, Hamburg, Germany, 26/05/15. https://doi.org/10.1007/978-3-319-18467-8_15

Model-Driven integration and analysis of Access-control policies in Multi-layer information systems. / Martínez, Salvador; Garcia-Alfaro, Joaquin; Cuppens, Frédéric et al.
ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings. ed. / Hannes Federrath; Dieter Gollmann. Springer New York LLC, 2015. p. 218-233 (IFIP Advances in Information and Communication Technology; Vol. 455).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Model-Driven integration and analysis of Access-control policies in Multi-layer information systems

AU - Martínez, Salvador

AU - Garcia-Alfaro, Joaquin

AU - Cuppens, Frédéric

AU - Cuppens-Boulahia, Nora

AU - Cabot, Jordi

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.

AB - Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.

U2 - 10.1007/978-3-319-18467-8_15

DO - 10.1007/978-3-319-18467-8_15

M3 - Conference contribution

AN - SCOPUS:84942563951

SN - 9783319184661

T3 - IFIP Advances in Information and Communication Technology

SP - 218

EP - 233

BT - ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings

A2 - Federrath, Hannes

A2 - Gollmann, Dieter

PB - Springer New York LLC

T2 - 30th IFIP TC 11 International Information Security and Privacy Conference, SEC 2015

Y2 - 26 May 2015 through 28 May 2015

ER -

Martínez S, Garcia-Alfaro J, Cuppens F, Cuppens-Boulahia N, Cabot J. Model-Driven integration and analysis of Access-control policies in Multi-layer information systems. In Federrath H, Gollmann D, editors, ICT Systems Security and Privacy Protection - 30th IFIP TC 11 International Conference, SEC 2015, Proceedings. Springer New York LLC. 2015. p. 218-233. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-319-18467-8_15

Model-Driven integration and analysis of Access-control policies in Multi-layer information systems

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this