首页> 外文OA文献 >Automated Analysis of Scenario-based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities (Extended Version)

【2h】

Automated Analysis of Scenario-based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities (Extended Version)

机译：基于场景的分布式系统规范的自动分析具有非机械化活动的访问控制策略（扩展版）

页面导航

摘要
著录项
相似文献
相关主题

摘要

The advance of web services technologies promises to have far-reachingeffects on the Internet and enterprise networks allowing for greateraccessibility of data. The security challenges presented by the web servicesapproach are formidable. In particular, access control solutions should berevised to address new challenges, such as the need of using certificates forthe identification of users and their attributes, human intervention in thecreation or selection of the certificates, and (chains of) certificates fortrust management. With all these features, it is not surprising that analyzingpolicies to guarantee that a sensitive resource can be accessed only byauthorized users becomes very difficult. In this paper, we present an automatedtechnique to analyze scenario-based specifications of access control policiesin open and distributed systems. We illustrate our ideas on a case studyarising in the e-government area.

机译：Web服务技术的发展有望对Internet和企业网络产生深远的影响，从而使数据具有更大的可访问性。 Web服务方法提出的安全挑战是巨大的。特别是，应该修改访问控制解决方案以应对新的挑战，例如需要使用证书来标识用户及其属性，在证书的创建或选择过程中进行人为干预以及需要用于证书管理的（链）证书。有了所有这些功能，分析策略以确保只有授权用户才能访问敏感资源就变得很困难了。在本文中，我们提出了一种自动化技术，用于分析开放式和分布式系统中基于场景的访问控制策略的规范。我们通过电子政务领域的案例研究说明了我们的想法。

著录项

作者
Barletta, Michele; Ranise, Silvio; Viganò, Luca;
展开▼
作者单位

展开▼
年度 2012
总页数
原文格式 PDF
正文语种 {"code":"en","name":"English","id":9}
中图分类

相似文献

外文文献
中文文献
专利

1. A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies [J] . Margheri Andrea, Masi Massimiliano, Pugliese Rosario, IEEE Transactions on Software Engineering . 2019,第1期

机译：用于访问控制策略规范，分析和执行的严格框架
2. Requirements-based Access Control Analysis And Policy Specification (recaps) [J] . Qingfeng He, Annie I. Anton Information and software technology . 2009,第6期

机译：基于需求的访问控制分析和策略规范（摘要）
3. The Policy Machine: A novel architecture and framework for access control policy specification and enforcement [J] . Ferraiolo D., Atluri V., Gavrila S. Journal of systems architecture . 2011,第4期

机译：政策机器：用于访问控制政策规范和实施的新颖架构和框架
4. Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities [C] . Michele Barletta, Silvio Ranise, Luca Vigano International workshop on security and trust management . 2013

机译：自动分析基于情景的具有非机械化活动的分布式访问控制策略的规范
5. Requirements-based access control analysis and policy specification. [D] . He, Qingfeng. 2005

机译：基于需求的访问控制分析和策略规范。
6. Energy-Efficiency Analysis of a Distributed Queuing Medium Access Control Protocol for Biomedical Wireless Sensor Networks in Saturation Conditions [O] . Begonya Otal, Luis Alonso, Christos Verikoukis 2011

机译：饱和条件下生物医学无线传感器网络的分布式排队介质访问控制协议的能效分析
7. Techniques for Automating Policy Specification for Application-oriented Access Controls [O] . Z. Cliffe Schreuders, Christian Payne, Tanya Mcgill 2013

机译：面向应用程序的访问控制的策略规范自动化技术
8. Plankton Analysis by Automated Submersible Imaging Flow Cytometry: Transforming a Specialized Research Instrument into a Broadly Accessible Tool and Extending its Target Size Range. [R] . Olson, R. J., Sosik, H. M. 2012

机译：通过自动潜水成像流式细胞仪进行浮游生物分析：将专业研究仪器转换为广泛可访问的工具并扩展其目标尺寸范围。

Automated Analysis of Scenario-based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities (Extended Version)

摘要

著录项

相似文献

相关主题

期刊订阅