Model-Driven Specification and Design-Level Analysis of XACML Policies

LAUR Repository

Show simple item record

dc.contributor.author Tout, Hanine
dc.contributor.author Mourad, Azzam
dc.contributor.author Talhi, Chamseddine
dc.contributor.author Otrok, Hadi
dc.contributor.author Yahyaoui, Hamdi
dc.date.accessioned 2020-09-08T11:09:16Z
dc.date.available 2020-09-08T11:09:16Z
dc.identifier.isbn 9789383701353 en_US
dc.identifier.uri http://hdl.handle.net/10725/12115
dc.description.abstract Throughout the recent years, Web services security has been the target of many researchers. Particularly, by integrating policies and rules to govern the Web services behaviors at runtime, researchers have been able to prove the capability of policy languages in enforcing Web services security. XACML or eXtensible Access Control Markup Language is one of the most widely adopted security standards for controlling access to individual and between composed services based on policies specifications. However, like any other policy language, XACML policies are specified in structural files with complex syntax, which makes the policies specification process both, time consuming and error prone. Moreover, security policies are commonly verified in an afterthought stage after their enforcement, yet with diversity of rules and conditions specified in the policies, hidden conflicts, redundancies and access flaws are more likely to arise, which expose the system to serious vulnerabilities at execution time. To address these problems, we propose in this paper a novel approach that allows high-level specification of XACML security policies and provides design-level analysis to detect problems and vulnerabilities in the policies semantics, a priori to their integration and execution in the system. en_US
dc.language.iso en en_US
dc.subject Telecommunication systems -- Congresses en_US
dc.title Model-Driven Specification and Design-Level Analysis of XACML Policies en_US
dc.type Conference Paper / Proceeding en_US
dc.author.school SAS en_US
dc.author.idnumber 200904853 en_US
dc.author.department Computer Science And Mathematics en_US
dc.description.embargo N/A en_US
dc.identifier.doi https://doi.org/10.13140/RG.2.1.2573.6167 en_US
dc.identifier.ctation Tout, H., Mourad, A., & Talhi, C. (2015). Model-driven specification and design-level analysis of XACML policies. In Second International Conference on Next Generation Computing and Communication Technologies (ICNGCCT 2015). en_US
dc.author.email azzam.mourad@lau.edu.lb en_US
dc.conference.date 22-23 Apr., 2015 en_US
dc.conference.place Dubai, United Arab Emirates en_US
dc.conference.title Second International Conference on Next Generation Computing and Communication Technologies en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url https://www.researchgate.net/publication/281748889_Model-Driven_Specification_and_Design-Level_Analysis_of_XACML_Policies en_US
dc.orcid.id https://orcid.org/0000-0001-9434-5322 en_US
dc.publication.date 2015 en_US
dc.author.affiliation Lebanese American University en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search LAUR

Advanced Search


My Account