Published in: International Journal of Information Security 1/2018

09-01-2017 | Regular Contribution

Achieving dynamicity in security policies enforcement using aspects

Authors: Samiha Ayed, Muhammad Sabir Idrees, Nora Cuppens, Frederic Cuppens


Abstract

The dynamic configuration and evolution of large-scale heterogeneous systems have made the enforcement of security requirements one of the most critical phases of the system development lifecycle. In this paper, we propose a framework architecture that associates security policies with the specification and execution phases of applications defined for these systems. The proposed framework is based on an aspect-oriented programming approach and on the organization-based access control model, and it dynamically enforces and manages access and usage control. The deployment of the framework modules proposed in this paper takes into account the changes that may occur in the security policy during application execution. We also present the implementation and the evaluation of our proposal.


Footnotes
1
For legal reasons and to allow for flexible deployment, we consider that the ITS center will send an advance notification of the possible installation of an application's service pack. This advance notification is intended to help the user plan for the effective deployment of the application.
 
Metadata
Title
Achieving dynamicity in security policies enforcement using aspects
Authors
Samiha Ayed
Muhammad Sabir Idrees
Nora Cuppens
Frederic Cuppens
Publication date
09-01-2017
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 1/2018
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-016-0357-6
