A DSL for specifying autonomic security management strategies
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
A conceptual meta-model for secured information systems
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
| Hi-index | 0.00 |
During interoperability exchanges, organizations are jointly conducting computation and sharing tasks. However, organization scan have different security policies. To guarantee good interoperability exchanges, organizations need to share with other participants information about the services they provide. They also manage knowledge about their information system. To guarantee good interoperability exchanges, organizations need to share some pieces of their knowledge. By this way, they will inform other participants about specific services they provide. In addition, to be compliant with security requirements during interoperability, security policies have to be dynamic. One purpose of this paper is to provide this dynamic behavior by taking care about context of access parameters. The context-aware security requirements may be met by using a contextual access control model to define the security policy of each party involvedin the interaction, and OrBAC (Organization based Access Control) is an adequate model for this purpose. Elaborating an ontology based security model provides a mean to ensure sharing of understandable knowledge, in particular knowledge needed to derive the authorized accesses and usages during the interoperability sessions. In this paper, we thus suggest a context ontology to be combined with an ontological representation of the OrBAC model and show how it can be used to ease the security rules definition and derivation during interoperability sessions.