loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Worachet Uttha 1 ; Clara Bertolissi 2 and Silvio Ranise 3

Affiliations: 1 LIF and CNRS UMR 7279 & AMU, France ; 2 LIF, CNRS UMR 7279 & AMU and Fondazione Bruno Kessler, France ; 3 Fondazione Bruno Kessler, Italy

ISBN: 978-989-758-117-5

Keyword(s): Access Control, Transitive Access, Security Policy, OrBAC, Web Services, XACML.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Information Assurance ; Internet Technology ; Organizational Security Policies ; Security and Privacy in Web Services ; Web Information Systems and Technologies

Abstract: Access control is a crucial issue for the security of Web Services. Since these are independently designed, implemented, and managed, each with its own access control policy, it is challenging to mediate the access to the information they share. In this context, a particularly difficult case occurs when a service invokes another service to satisfy an initial request, leading to indirect authorization errors. To overcome this problem, we propose a new approach based on a version of ORganization Based Access Control (OrBAC) extended by a delegation graph to keep track of transitive authorization dependencies. We show that Datalog can be used as the specification language of our model. As a byproduct of this, an automated analysis technique for simulating execution scenarios before deployment is proposed. Finally, we show how to implement an enforcement mechanism for our model on top of the XACML architecture. To validate our approach, we present a case study adapted from the literature.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.234.214.113

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Uttha, W.; Bertolissi, C. and Ranise, S. (2015). Modeling Authorization Policies for Web Services in Presence of Transitive Dependencies.In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 293-300. DOI: 10.5220/0005548502930300

@conference{secrypt15,
author={Worachet Uttha. and Clara Bertolissi. and Silvio Ranise.},
title={Modeling Authorization Policies for Web Services in Presence of Transitive Dependencies},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={293-300},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005548502930300},
isbn={978-989-758-117-5},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Modeling Authorization Policies for Web Services in Presence of Transitive Dependencies
SN - 978-989-758-117-5
AU - Uttha, W.
AU - Bertolissi, C.
AU - Ranise, S.
PY - 2015
SP - 293
EP - 300
DO - 10.5220/0005548502930300

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.