Model-based refinement of security policies in collaborative virtual organisations

Authors:
Benjamin Aziz;Alvaro E. Arenas;Michael Wilson
Affiliations:
School of Computing, University of Portsmouth, Portsmouth, UK;Department of Information Systems, Instituto de Empresa Business School, Madrid, Spain;e-Science Centre, STFC Rutherford Appleton Laboratory, Oxfordshire, UK
Venue:
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Year:
2011

Citing 14
Cited 3

A logic-based calculus of events

New Generation Computing
Conflict analysis for management policies

Proceedings of the fifth IFIP/IEEE international symposium on Integrated network management V : integrated management in a virtual world: integrated management in a virtual world
The Ponder Policy Specification Language

POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Toward Explicit Policy Management for Virtual Organizations

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Policy and Enforcement in Virtual Organizations

GRID '03 Proceedings of the 4th International Workshop on Grid Computing
A Goal-based Approach to Policy Refinement

POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Automated Decomposition of Access Control Policies

POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Policy Modeling and Refinement for Network Security Systems

POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Using Linear Temporal Model Checking for Goal-Oriented Policy Refinement Frameworks

POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
On trust management in grids

Proceedings of the 1st international conference on Autonomic computing and communication systems
ATL: A model transformation tool

Science of Computer Programming
Controlling Usage in Business Process Workflows through Fine-Grained Security Policies

TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Ontology-based policy refinement using SWRL rules for management information definitions in OWL

DSOM'06 Proceedings of the 17th IFIP/IEEE international conference on Distributed Systems: operations and management
Transforming models with ATL

MoDELS'05 Proceedings of the 2005 international conference on Satellite Events at the MoDELS

Deriving implementation-level policies for usage control enforcement

Proceedings of the second ACM conference on Data and Application Security and Privacy
Model-Based usage control policy derivation

ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Designing flexible access control models for the cloud

Proceedings of the 6th International Conference on Security of Information and Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Policy refinement is the process of deriving low-level policies from high-level policy specifications. A basic example is that of the refinement of policies referring to users, resources and applications at a high level, such as the level of virtual organsiations, to policies referring to user ids, resource addresses and computational commands at the low level of system and network environments. This paper tackles the refinement problem by proposing an approach using model-to-model transformation techniques for transforming XACML-based VO policies to the resource level. Moreover, the transformation results in deployable policies referring to at most a single resource, hence avoiding the problem of cross-domain intereference. The applicability of our approach is demonstrated within the domain of distributed geographic map processing.