
2019 | OriginalPaper | Book chapter

Policy Reconciliation and Migration in Attribute Based Access Control

Authors: Gunjan Batra, Vijayalakshmi Atluri, Jaideep Vaidya, Shamik Sural

Published in: Information Systems Security

Publisher: Springer International Publishing


Abstract

Today, organizations do not work in silos, but rather collaborate, work jointly and share data resources for various business benefits such as storage, management, analytics, etc. In this scenario, organizations want to ensure that their own security requirements are always met, even though they may be sharing/moving their resources to another organization. Hence, there is a need to evaluate the extent to which their policies are similar (or equivalent), i.e., to what extent they agree on a common set of security requirements (policy). When the policies are not identical, there is also a need to evaluate the differences and see how these differences can be reconciled so that the organizations can be brought to agreement in terms of their security requirements.
To address this issue, in this paper, we first propose the notion of policy equivalence and develop methods to evaluate the policy similarity. We also propose two different approaches for accomplishing policy reconciliation, where one is based on ABAC mining and the other is based on finding maximal common subsets. Both approaches guarantee that the organization’s policies are never violated, as they are both conservative in nature. Further, it is also possible that the organizations in the collaboration decide to pick one organization and each of them migrates to its policy. We propose a migration approach for organizations in this setting which will incur the least migration cost for all the organizations. We compare both reconciliation approaches and policy migration with respect to their reconciliation results as well as performance.


Metadata
Title
Policy Reconciliation and Migration in Attribute Based Access Control
Authors
Gunjan Batra
Vijayalakshmi Atluri
Jaideep Vaidya
Shamik Sural
Copyright year
2019
DOI
https://doi.org/10.1007/978-3-030-36945-3_6
