Conformance Checking of Dynamic Access Control Policies

Power, Dermot; Slaymaker, Mark; Simpson, Andrew

doi:10.1007/978-3-642-24559-6_17

Cited by 11 publications

(4 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since policy constraints can be modeled using the Alloy language, several frameworks for policy analysis use Alloy as underlying building block [94,96,115,149,182,193].…”

Section: Alloymentioning

confidence: 99%

Methods and Tools for Policy Analysis

et al. 2019

View full text Add to dashboard Cite

Policy-based management of computer systems, computer networks and devices is a critical technology especially for present and future systems characterized by large-scale systems with autonomous devices, such as robots and drones. Maintaining reliable policy systems requires ecient and eective analysis approaches to ensure that the policies verify critical properties, such as correctness and consistency. In this paper, we present an extensive overview of methods for policy analysis. Then, we survey policy analysis systems and frameworks that have been proposed and compare them under various dimensions. We conclude the paper by outlining novel research directions in the area of policy analysis.

show abstract

“…Since policy constraints can be modeled using the Alloy language, several frameworks for policy analysis use Alloy as underlying building block [94,96,115,149,182,193].…”

Section: Alloymentioning

confidence: 99%

Methods and Tools for Policy Analysis

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Sybildefender [32], SybilInfer [11] and Sybilguard [33] focus on identifying sybil WBSN nodes. In addition, [26] works with policies that involve users' actions but they are applied for dynamic access control instead of provenance management.…”

Section: Related Workmentioning

confidence: 99%

$$SoNeUCON_{ABC}Pro$$SoNeUCONABCPro: An Access Control Model for Social Networks with Translucent User Provenance

González-Manzano

Slaymaker

Fuentes

et al. 2018

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Self Cite

View full text Add to dashboard Cite

Abstract. Web-Based Social Networks (WBSNs) are used by millions of people worldwide. While WBSNs provide many benefits, privacy preservation is a concern. The management of access control can help to assure data is accessed by authorized users. However, it is critical to provide sufficient flexibility so that a rich set of conditions may be imposed by users. In this paper we coin the term user provenance to refer to tracing users actions to supplement the authorisation decision when users request access. For example restricting access to a particular photograph to those which have "liked" the owners profile. However, such a tracing of actions has the potential to impact the privacy of users requesting access. To mitigate this potential privacy loss the concept of translucency is applied. This paper extends SoN eU CONABC model and presents SoN eU CONABC P ro, an access control model which includes translucent user provenance. Entities and access control policies along with their enforcement procedure are formally defined. The evaluation demonstrates that the system satisfies the imposed goals and supports the feasibility of this model in different scenarios.

show abstract

“…The policies in ABAC expresses a complex Boolean rule set capable of evaluating many different attributes. The RBACbased model (Power et al, 2011) captures the disparities of access control policies relying on specific constraint-checks to administer interoperability. With the advent of mobile-based (Rodrigues et al, 2013a) and cloud-based solutions (Fernández-Cardeñosa et al, 2012), access to EHR is not limited to closed environments.…”

Section: Related Workmentioning

confidence: 99%

Hierarchy Similarity Analyser-An Approach to Securely Share Electronic Health Records

Bhartiya

Mehrotra

Girdhar³

2016

International Journal of E-Health and Medical Communications

View full text Add to dashboard Cite

Health professionals need an access to various dimensions of Electronic Health Records (EHR). Depending on technical constraints, each organization defines its own access control schema exhibiting heterogeneity in organizational rules and policies. Achieving interoperability between such schemas often result in contradictory rules thereby exposing data to undue disclosures. Permitting interoperable sharing of EHRs and simultaneously restricting unauthorized access is the major objective of this paper. An Extensible Access Control Markup Language (XACML)-based framework, Hierarchy Similarity Analyser (HSA), is proposed which fine-grains access control policies of disparate healthcare organizations to achieve interoperable and secured sharing of EHR under set authorizations. The proposed framework is implemented and verified using automated Access Control Policy Testing (ACPT) tool developed by NIST. Experimental results identify the users receive secured and restricted access as per their authorizations and role hierarchy in the organization.

show abstract

Conformance Checking of Dynamic Access Control Policies

Cited by 11 publications

References 23 publications

Methods and Tools for Policy Analysis

Methods and Tools for Policy Analysis

$$SoNeUCON_{ABC}Pro$$SoNeUCONABCPro: An Access Control Model for Social Networks with Translucent User Provenance

Hierarchy Similarity Analyser-An Approach to Securely Share Electronic Health Records

Contact Info

Product

Resources

About