Toward an abstract language on top of XACML for web services security

LAUR Repository

Show simple item record

dc.contributor.author Mourad, Azzam
dc.contributor.author Otrok, Hadi
dc.contributor.author Yahyaoui, Hamdi
dc.contributor.author Baajour, Lama
dc.date.accessioned 2017-03-10T09:06:27Z
dc.date.available 2017-03-10T09:06:27Z
dc.date.issued 2017-03-10
dc.identifier.isbn 9781908320001 en_US
dc.identifier.uri http://hdl.handle.net/10725/5354
dc.description.abstract We introduce in this paper an abstract language on top of XACML (eXtensible Access Control Markup Language) for web services security. It is based on the automatic generation of XACML security policies from abstract XACML profile(s). Our proposed approach allows first to specify the XACML profiles, which are then translated using our intended compiler into XACML security policies. The main contributions of our approach are: (1) Describing dynamic security policies using an abstract and user friendly profile language on top of XACML, (2) generating automatically the the XACML policies and (3) separating the business and security concerns of composite web services, and hence developing them separately. Our solution address the problems related to the complexity and difficulty of specifying security policies in XACML and other standard languages. We tested the feasibility of our approach by developing the library system (LB) that is composed of several Web services and applying/realizing our approach to enforce security. en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.title Toward an abstract language on top of XACML for web services security en_US
dc.type Conference Paper / Proceeding en_US
dc.author.school SAS en_US
dc.author.idnumber 200904853 en_US
dc.author.department Computer Science and Mathematics en_US
dc.description.embargo N/A en_US
dc.keywords Business en_US
dc.keywords Security en_US
dc.identifier.ctation Mourad, A., Otrok, H., Yahyaoui, H., & Baajour, L. (2011, December). Toward an abstract language on top of XACML for web services security. In Internet Technology and Secured Transactions (ICITST), 2011 International Conference for (pp. 254-259). IEEE. en_US
dc.author.email azzam.mourad@lau.edu.lb en_US
dc.conference.date 11-14 Dec. 2011 en_US
dc.conference.pages 254-259 en_US
dc.conference.place Abu Dhabi, United Arab Emirates en_US
dc.conference.title 2011 International Conference for Internet Technology and Secured Transactions en_US
dc.identifier.tou http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php en_US
dc.identifier.url http://ieeexplore.ieee.org/abstract/document/6148453/ en_US
dc.orcid.id https://orcid.org/0000-0001-9434-5322
dc.author.affiliation Lebanese American University en_US

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search LAUR

Advanced Search


My Account