Top

Published in:

2015 | OriginalPaper | Chapter

Policy Enforcement Point Model

Authors : Yosra Ben Mustapha, Hervé Debar, Gregory Blanc

Published in: International Conference on Security and Privacy in Communication Networks

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

As information systems become more complex and dynamic, Policy Decision Points (PDPs) and Policy Enforcement Points (PEPs) follow the same trend. It becomes thus increasingly important to model the capabilities of these PDPs and PEPs, both in terms of coverage, dependencies and scope.

In this paper, we focus on Policy Enforcement Points to model the objects on which they may enforce security constraints. This model, called the PEP Responsibility Domain (RD(PEP)), is build based on the configuration of the PEP following a bottom-up approach. This model can then be applied to multiple use cases, three of them are shown as examples in this paper, including policy evaluation and intrusion detection assessment and alert correlation.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Simple and Novel Technique for Counteracting Exploit Kits

next chapter Control Flow Obfuscation Using Neural Network to Fight Concolic Testing

eXtensible Access Control Markup Language (XACML) (2003). https://www.oasis-open.org/committees/download.php/2406/oasis-xacml-1.0.pdf

Zaborovsky, V., Mulukha, V., Silinenko, E.: Access Control Model and Algebra of Firewall Rules

Boutaba, R., Polyrakis, A.: Towards extensible policy enforcement points. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 247–262. Springer, Heidelberg (2001). http://dl.acm.org/citation.cfm?id=646962.712111 CrossRef

Al-shaer, E.S., Hamed, H.H.: Discovery of policy anomalies in distributed firewalls. In: IEEE INFOCOM 2004, pp. 2605–2616 (2004)

Pawlak, Z.: Rough Sets. Int. J. Inf. Comput. Sci. 11, 341–356 (1982)CrossRefMATH

Title: Policy Enforcement Point Model
Authors: Yosra Ben Mustapha
Hervé Debar
Gregory Blanc
Publisher: Springer International Publishing
Book: International Conference on Security and Privacy in Communication Networks
Print ISBN: 978-3-319-23828-9

Electronic ISBN: 978-3-319-23829-6

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-23829-6_20

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner