Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems - Université de Nantes Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems

Résumé

Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed of a number of heterogeneous subsystems, each must participate in their achievement. Therefore, security integration mechanisms are needed in order to 1) achieve the global security goal and 2) facilitate the analysis of the security status of the whole system. For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level security property. In this work we propose an integration mechanism for access-control policies to enable the analysis of the system security. We rely on model-driven technologies and the XACML standard to achieve this goal.

Domaines

Génie logiciel [cs.SE]
Fichier principal
Vignette du fichier
SEC2015.pdf (311.64 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Salvador Martínez  : Connectez-vous pour contacter le contributeur

https://inria.hal.science/hal-01152528

Soumis le : lundi 18 mai 2015-10:17:42

Dernière modification le : vendredi 5 janvier 2024-03:25:00

Archivage à long terme le : jeudi 20 avril 2017-00:40:16

Télécharger pour visualiser

Dates et versions

hal-01152528 , version 1 (18-05-2015)

Identifiants

Citer

Salvador Martínez, Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Bouhlahia, Jordi Cabot. Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.218-233, ⟨10.1007/978-3-319-18467-8_15⟩. ⟨hal-01152528⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

UNIV-BREST UNIV-NANTES INSTITUT-TELECOM CNRS INRIA LINA TELECOM-SUDPARIS INFO ENIB LAB-STICC_ENIB IFIP IFIP-AICT LAB-STICC INRIA2 IFIP-TC IFIP-TC11 IFIP-AICT-455 IFIP-SEC LAB-STICC_TB LS2N IMT-ATLANTIQUE NANTES-UNIVERSITE
373 Consultations
248 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More