358 Hits in 4.8 sec

A Toolchain for Model-based Design and Testing of Access Control Systems

Said Daoudagh, Donia El Kateb, Francesca Lonetti, Eda Marchetti, Tejeddine Mouelhi
2015 Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development  
We provide in this paper a toolchain that involves a model-driven approach to specify and generate XACML policies and also enables automated testing of the PDP component.  ...  Due to the complexity of the standard language, it is recommended to rely on model-driven approaches which allow to overcome difficulties in the XACML policy definition.  ...  ACKNOWLEDGEMENTS The authors would like to thank Antonia Bertolino and Yves Le Traon for their suggestions and useful discussions.  ... 
doi:10.5220/0005330604110418 dblp:conf/modelsward/DaoudaghKLMM15 fatcat:4b2wsh6p7vex5l3ay3dv44vrwi

Managing Internal Control in Changing Organizations through Business Process Intelligence - A Service Oriented Architecture for the XACML Based Monitoring of Supporting Systems

Matthias Kehlenbeck, Thorben Sandner, Michael H. Breitner
2010 2010 43rd Hawaii International Conference on System Sciences  
A model for the annotation of processes with controls, permissions and roles based on BPMN, COSO and XACML is presented.  ...  Additionally, a Service Oriented Architecture for the automated monitoring of controls and the timely communication of thereby detected control exceptions is proposed.  ...  But being part of the SECTET framework for model driven security for B2B-workflows, their work put a focus on specifying permissions for web services. Pistoia et al.  ... 
doi:10.1109/hicss.2010.262 dblp:conf/hicss/KehlenbeckSB10 fatcat:qj43umfcdvhifbt2laoqtzmf4m

A Model-Based Framework for Security Policy Specification, Deployment and Testing [chapter]

Tejeddine Mouelhi, Franck Fleurey, Benoit Baudry, Yves Le Traon
2008 Lecture Notes in Computer Science  
In this paper, we propose a model-driven approach for specifying, deploying and testing security policies in Java applications.  ...  This model is then automatically transformed into security policy for the XACML platform and integrated in the application using aspect-oriented programming.  ...  It is important to note that the tool allows XACML files to be generated for both the actual policy and the mutant policies.  ... 
doi:10.1007/978-3-540-87875-9_38 fatcat:hucyuppvrna5vde6xvoitcw5wa

Automated test generation for access control policies

Evan Martin
2006 Companion to the 21st ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications - OOPSLA '06  
Access control policies are increasingly written in specification languages such as XACML.  ...  In this paper we present an efficient test generation approach and its supporting tool called Targen.  ...  We use a policy coverage measurement tool [4] to obtain a measure of policy structural coverage and an automated mutation testing framework [3] to obtain a measure of fault-detection capability.  ... 
doi:10.1145/1176617.1176708 dblp:conf/oopsla/Martin06 fatcat:banf2am3jrecfdxgulgbtbutja

Towards model-driven development of access control policies for web applications

Marianne Busch, Nora Koch, Massimiliano Masi, Rosario Pugliese, Francesco Tiezzi
2012 Proceedings of the Workshop on Model-Driven Security - MDsec '12  
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and intuitive way and a model-driven process that transforms graphical specifications of access control  ...  These XACML policies are then translated in FACPL, a policy language with a formal semantics, and the resulting policies are evaluated by means of a Java-based software tool.  ...  It offers the advantages of an easy to learn and intuitive visual specification language for policies, which can be also translated automatically to  ...  [Figure 1: Toolchain for the model-driven approach]
doi:10.1145/2422498.2422502 dblp:conf/models/BuschKMPT12 fatcat:wf4sgfionvfjra4i5qcs2eykeq

Analysis and Comparison of Access Control Policies Validation Mechanisms

Muhammad Aqib, Riaz Ahmed Shaikh
2014 International Journal of Computer Network and Information Security  
Bell-Lapadula model [43] (for confidentiality) and Biba model [49] (for integrity) are the two common examples of MLS models.  ...  The RBAC is an alternative to both DAC and MAC and is commonly used to define the access control policies.  ...  These tools have their own validation criterion and use specific language like XACML [50] for policy specifications.  ... 
doi:10.5815/ijcnis.2015.01.08 fatcat:5l57q7pkdvfwbe2bxxnewtkn4a

A Model-Driven Framework for Trusted Computing Based Systems

Masoom Alam, Jean-Pierre Seifert, Xinwen Zhang
2007 International Enterprise Distributed Object Computing Conference, Proceedings  
First, we detail SECTET - a model-driven framework for leveraging TC concepts at a higher level of abstraction.  ...  We secondly elaborate the integration of platform-independent XACML policies with the platform-specific SELinux policies.  ...  The framework weaves the ideas about Model Driven Architecture, Model Driven Engineering and web services standards together for an inter-organizational workflow conceptual framework, that is more than  ... 
doi:10.1109/edoc.2007.4383983 fatcat:iem4js4uzrg7fpgnlwk7nmo2ee

A Model-Driven Framework for Trusted Computing Based Systems

Masoom Alam, Jean-Pierre Seifert, Xinwen Zhang
2007 11th IEEE International Enterprise Distributed Object Computing Conference (EDOC 2007)  
First, we detail SECTET - a model-driven framework for leveraging TC concepts at a higher level of abstraction.  ...  We secondly elaborate the integration of platform-independent XACML policies with the platform-specific SELinux policies.  ...  The framework weaves the ideas about Model Driven Architecture, Model Driven Engineering and web services standards together for an inter-organizational workflow conceptual framework, that is more than  ... 
doi:10.1109/edoc.2007.52 dblp:conf/edoc/AlamSZ07 fatcat:efxw4mo6tbdcbfcmv45cj3lzbu

Efficient Mutation Killers in Action

Bernhard K. Aichernig, Harald Brandl, Elisabeth Jöbstl, Willibald Krenn
2011 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation  
In the family of model-driven approaches, model-based testing can be seen as a success story in particular with respect to the degree of mechanical processing and automation that has been achieved, and  ...  Tools for model-based testing have been developed both as research prototypes and as commercial or semi-commercial applications brought to users by midsize and enterprise-level companies, and applied in  ...  We propose a framework, called X-CREATE, for the systematic generation of test inputs (XACML requests). Differently from existing tools, X-CREATE exploits the XACML Context Schema.  ... 
doi:10.1109/icst.2011.57 dblp:conf/icst/AichernigBJK11 fatcat:vl3ur4bcxzcjhp32qslqmtatry

WSACd - A Usable Access Control Framework for Smart Home Devices [chapter]

Konstantinos Fysarakis, Charalampos Konstantourakis, Konstantinos Rantos, Charalampos Manifavas, Ioannis Papaefstathiou
2015 Lecture Notes in Computer Science  
This paper presents Web Service Access Control for devices (WSACd), a framework that combines access control provided by the eXtensible Access Control Markup Language (XACML) with the benefits of Service  ...  Oriented Architectures through the use of the Devices Profile for Web Services (DPWS).  ...  Kim et al [20] have proposed the use of an OSGi (Open Services Gateway initiative)-based framework to integrate heterogeneous smart-home devices and services, including an access control model, combining  ... 
doi:10.1007/978-3-319-24018-3_8 fatcat:l7v7sgzhefhk7ecnve22b44qey

Protecting Data Assets in a Smart Grid SOA

Markus Jung, Thomas Hofer, Wolfgang Kastner, Susen Döbelt
2013 Journal of Internet Technology and Secured Transaction  
Therefore, this paper contributes i) a SOA for the Smart Grid and ii) an access control mechanism that is taken into consideration from the early beginning of the system design.  ...  Facilitating a SOA based on Web services allows to build a flexible integration layer that makes it possible to reuse existing information sources for a variety of application scenarios.  ...  model: A core element of the oBIX specification is a generic and simple meta-model for information modeling represented through the oBIX object model.  ... 
doi:10.20533/jitst.2046.3723.2013.0021 fatcat:pvs63ggda5eitiy3zk5klpl3ye

Transforming and Selecting Functional Test Cases for Security Policy Testing

Tejeddine Mouelhi, Yves Le Traon, Benoit Baudry
2009 2009 International Conference on Software Testing Verification and Validation  
The method includes a three-step technique based on mutation applied to security policies (RBAC, XACML, Or-BAC) and AOP for transforming automatically functional test cases into security policy test cases  ...  The method is applied to Java programs and provides tools for performing the steps from the dynamic analyses of impacted test cases to their transformation.  ...  This framework allows us to produce mutants for any access control language that conforms to the generic model, for instance XACML.  ... 
doi:10.1109/icst.2009.49 dblp:conf/icst/MouelhiTB09 fatcat:eh3c2hlg5nbnlacrteahhqxzgu

Policy-Driven Patch Management for Distributed Environments

Jan Muhammad, Richard O. Sinnott
2009 2009 Third International Conference on Network and System Security  
In this paper we present a trust-oriented policy-driven infrastructure that overcomes many of the issues with existing VO models based upon blind trust assumptions of the fabric.  ...  An insecure fabric can undermine the security of collaborating sites and any threat (perceived or real) can often impede the operation of the whole VO.  ...  In the future, an extension to this work will be looking the pros and cons of centralized and decentralized models for security policies.  ... 
doi:10.1109/nss.2009.67 dblp:conf/nss/MuhammadS09 fatcat:hh2opwrt5nc2ho2qikifofdh7i

An extensive systematic review on the Model-Driven Development of secure systems

Phu H. Nguyen, Max Kramer, Jacques Klein, Yves Le Traon
2015 Information and Software Technology  
Context: Model-Driven Security (MDS) is a specialised Model-Driven Engineering research area for supporting the development of secure systems.  ...  Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies  ...  Later on, the authors proposed a specification language namely SECTET-PL (OCL-based) which is part of the SECTET framework for model-driven security for B2B workflows.  ... 
doi:10.1016/j.infsof.2015.08.006 fatcat:to2pp3mfrfeo7f75yzvuc5zdoe

An Extensive Systematic Review on Model-Driven Development of Secure Systems [article]

Phu H. Nguyen, Max Kramer, Jacques Klein, Yves Le Traon
2015 arXiv   pre-print
Context: Model-Driven Security (MDS) is a specialised Model-Driven Engineering research area for supporting the development of secure systems.  ...  Conclusion: Our results suggest the need for addressing multiple security concerns more systematically and simultaneously, for tool chains supporting the MDS development cycle, and for more empirical studies  ...  Later on, the authors proposed a specification language namely SECTET-PL (OCL-based) which is part of the SECTET framework for model-driven security for B2B workflows.  ... 
arXiv:1505.06557v1 fatcat:l46h4a37ards3ptbkn7cyarbdm
Showing results 1 — 15 out of 358 results