An Attribute Mapping Technique for Secure Interoperation in Multi-Domain Environments

2014, Vol 519-520, pp. 181-184
Author(s): Jian Feng Lu, Xuan Yan, Yi Ding Liu

Role mapping is a basic technique for facilitating interoperation in RBAC-based collaborating environments. However, role mapping lacks the flexibility to specify access control policies in scenarios where access control is not a simple action but consists of a sequence of actions and events from subjects and the system. In this paper, we propose an attribute mapping technique to establish secure context in multi-domain environments. First, we classify attributes into eight types and show that only two types of attributes need to be translated. Second, we give the definition of the attribute mapping technique and analyze the properties of attribute mapping. Finally, we study how cardinality constraint violations arise and show that it is efficient to resolve this security violation.

2019, Vol 44 (2)
Author(s): Marco Rosa, João Paulo Barraca, André Zuquete, Nelson Pacheco Rocha

2008, Vol 10 (4), pp. 1-37
Author(s): Luc Bouganim, Francois Dang Ngoc, Philippe Pucheral

2002, Vol 5 (1), pp. 1-35
Author(s): Piero Bonatti, Sabrina De Capitani di Vimercati, Pierangela Samarati

Author(s): Thanh-Nhan Luong, Hanh-Phuc Nguyen, Ninh-Thuan Truong

Software security is receiving great attention from the software development community as security violations have emerged in various forms. Developers often use access control techniques to restrict some security breaches to software systems’ resources. The addition of authorization constraints to the role-based access control model increases the ability to express access rules in real-world problems. However, the complexity of combining components, libraries and programming languages during the implementation stage of web systems’ access control policies may give rise to potential flaws that make applications’ access control policies inconsistent with their specifications. In this paper, we introduce an approach to review the implementation of these models in web applications written in Java EE according to the MVC architecture with the support of the Spring Security framework. The approach can help developers detect flaws in the assignment implementation process of the models. First, the approach focuses on extracting the information about users and roles from the database of the web application. We then analyze policy configuration files to establish the access analysis tree of the application. Next, algorithms are introduced to validate the correctness of the implemented user-role and role-permission assignments in the application system. Lastly, we developed a tool called VeRA to automatically support the verification process. The tool is also tested with a number of access violation scenarios in the medical record management system.

