A Constraint and Attribute Based Security Framework for Dynamic Role Assignment in Collaborative Environments

Cruz, Isabel F.; Gjomemo, Rigel; Lin, Benjamin; Orsini, Mirko

doi:10.1007/978-3-642-03354-4_24

Cited by 14 publications

(7 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For example, one early paper on web services states that ABAC "grants accesses to services based on the attributes possessed by the requester" [WWJ04], while a discussion of security in geographic information systems describes ABAC as an approach in which "attribute values associated with users determine the association of users with privileges" [CGLO09].…”

Section: A Working Definition Of Abacmentioning

confidence: 99%

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Hu¹,

Ferraiolo²,

Kühn³

et al. 2014

525

376

View full text Add to dashboard Cite

Section: A Working Definition Of Abacmentioning

confidence: 99%

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Hu¹,

Ferraiolo²,

Kühn³

et al. 2014

525

376

View full text Add to dashboard Cite

“…Similarly, the approach referred to as XACML+OWL [14] combines OWL with XACML [27], with a view to decouple the management of constraints and RBAC hierarchies from the specification and the enforcement of the actual XACML policies. On the other hand, approaches such as [8][18] combine RBAC with the Attribute Based Access control (ABAC) paradigm [42], in order to take into account attributes during the definition of policies and the access control decision.…”

Section: Related Workmentioning

confidence: 99%

Leveraging Ontologies upon a Holistic Privacy-Aware Access Control Model

Papagiannakopoulou

Koukovini

Lioudakis

et al. 2014

Foundations and Practice of Security

View full text Add to dashboard Cite

Abstract. Access control is a crucial concept in both ICT security and privacy, providing for the protection of system resources and personal data. The increasing complexity of nowadays systems has led to a vast family of solutions fostering comprehensive access control models, with the ability to capture a variety of parameters and to incorporate them in the decision making process. However, existing approaches are characterised by limitations regarding expressiveness. We present an approach that aims at overcoming such limitations. It is fully based on ontologies and grounded on a rich in semantics information model. The result is a privacy-aware solution that takes into consideration a variety of aspects and parameters, including attributes, context, dependencies between actions and entities participating therein, as well as separation and binding of duty constraints.

show abstract

“…Cruz et al [6] propose an ontology to model the dynamic aspects of role-based access control. The information infrastructure of the Olympic Games is used as the scenario to assess the proposed approach.…”

Section: Related Workmentioning

confidence: 99%

Design and Implementation of a Hybrid Ontological-Relational Data Repository for SIEM Systems

et al. 2013

View full text Add to dashboard Cite

Abstract:The technology of Security Information and Event Management (SIEM) becomes one of the most important research applications in the area of computer network security. The overall functionality of SIEM systems depends largely on the quality of solutions implemented at the data storage level, which is purposed for the representation of heterogeneous security events, their storage in the data repository, and the extraction of relevant data for analytical modules of SIEM systems. The paper discusses the key issues of design and implementation of a hybrid SIEM data repository, which combines relational and ontological data representations. Based on the analysis of existing SIEM systems and standards, the ontological approach is chosen as a core component of the repository, and an example of the ontological data model for vulnerabilities representation is outlined. The hybrid architecture of the repository is proposed for implementation in SIEM systems. Since the most of works on the repositories of SIEM systems is based on the relational data model, the paper focuses mainly on the ontological part of the hybrid approach. To test the repository we used the data model intended for attack modeling and security evaluation, which includes both ontological and relational dimensions.

show abstract

A Constraint and Attribute Based Security Framework for Dynamic Role Assignment in Collaborative Environments

Cited by 14 publications

References 16 publications

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Leveraging Ontologies upon a Holistic Privacy-Aware Access Control Model

Design and Implementation of a Hybrid Ontological-Relational Data Repository for SIEM Systems

Contact Info

Product

Resources

About