Adaptive access control enforcement in social network using aspect weaving

Authors:
Frédéric Cuppens;Nora Cuppens-Boulahia;Eduardo Pena Viña
Affiliations:
Télécom Bretagne, Brest, France;Télécom Bretagne, Brest, France;Télécom Bretagne, Brest, France
Venue:
DASFAA'12 Proceedings of the 17th international conference on Database Systems for Advanced Applications
Year:
2012

Citing 11
Cited 0

Role-Based Access Control Models

Computer
On the validity of the Bell-LaPadula model

Computers and Security
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
On the criteria to be used in decomposing systems into modules

Communications of the ACM
Security Through Aspect-Oriented Programming

Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
AspectJ in Action: Practical Aspect-Oriented Programming

AspectJ in Action: Practical Aspect-Oriented Programming
A semantics for advice and dynamic join points in aspect-oriented programming

ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control, Second Edition

Role-Based Access Control, Second Edition
Modeling contextual security policies

International Journal of Information Security
An aspect-oriented approach to declarative access control for web applications

APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current social network systems support a large range of applications with very different security requirements. Even if available social network solutions provide some security functionalities, users do not control these functionalities and cannot customize them to handle their specific security needs. In this paper, we suggest a new approach to handle these issues. This approach is based on Aspect Oriented Programming (AOP) which enables the enforcement of an independent, reusable access control policy through the modification of the program at runtime. This makes possible to externalize the security concerns and weave them into an existing social network. Using this approach, it is possible to customize security of social network at different levels. First, one can specify the global security policy of the particular social network application and then, each member of this social network can further refine this global policy to specify their specific security requirements. This approach is illustrated on the open source social network system Elgg.