Towards a Secure Application-Semantic Aware Policy Enforcement Architecture.

Even though policy enforcement has been studied from different angles including notation, negotiation and enforcement, the development of an application-semantic aware enforcement architecture remains ... In this paper we present and discuss the design of such an architecture. ... Architecture for Zodac, a new secure policy enforcement system is presented in Sect. 3 and the security considerations of the system are discussed in Sect. 4. ...

doi:10.1007/978-3-642-04904-0_6 fatcat:b7agmfi7trbcrlaxfnoyrfkfcy

Even though policy enforcement has been studied from different angles including notation, negotiation and enforcement, the development of an application-semantic aware enforcement architecture remains ... In this paper we present and discuss the design of such an architecture. ... Architecture for Zodac, a new secure policy enforcement system is presented in Sect. 3 and the security considerations of the system are discussed in Sect. 4. ...

doi:10.1007/978-3-642-04904-0_5 fatcat:czgzpuvcjnhwnezproqlgjcaii

The panel will discuss how to identify and overcome the obstacles of current web technologies and the road forward towards the policy-aware web architecture. ... However, what is missing is an overall framework and architecture allowing a combination of constraints and policy languages to interoperate and provide an accountable, enforceable, flexible and trusted ...

doi:10.1145/1367497.1367752 dblp:conf/www/Iannella08 fatcat:vjgvpltinzechdjq26xobxpqdy

Smart environments are integrated with Semantic Web to provide context-awareness to the processed information. ... The proposed approach allows the adaptation of authorization of information at component level and provides scalable solution for authorization policies and rule enforcement within smart environment. ... policy enforcement mechanism through XACML components. • Our proposed service layer offers policy enforcement mechanism between layers of user application and information storage. • The paper also showcase ...

doi:10.7472/jksii.2016.17.5.09 fatcat:6tww6xnrejaidiopeuugpfcwyi

Szczepanski

Service oriented architecture methodologies provided a platform for the development of advanced solutions like cloud computing, fog computing, software defined networking etc. ... Also, a few novel methods that proposed by adopting SOA in IoT services discussed. ... units 3 Policy-aware Service Oriented Architecture for Secure Machine-to-Machine Policy Aware M2M network domain M2M application Intelligent Bus on Campus (iBuC) Communications domain Estimated time of ...

doi:10.5120/ijca2018918249 fatcat:cddkl3ekjrdjlczru4bwkh45oy

To solve the problem, semantics-aware Web services have been proposed. The other major huddle for Web services is the security architecture. ... Geospatial semantic Web services can employ the framework to enforce resource access and intelligently make decisions about policy rules. ... Section 3 provides the architecture details of a semantic Web service execution in geospatial context. Section 4 presents our contribution on security for semantics-aware Web services. ...

doi:10.1145/1180367.1180380 dblp:conf/sws/AlamSTK06 fatcat:ywb3dj7n6bhnffxiomzhqqthxu

Then, we describe a reference architecture for enforcing our semantics-aware policies. ... In this paper, we outline how current standard policy languages such as XACML can be extended to address this issue. ... -Semantic-aware subject description. Semantic web applications need to easily operate on subject descriptions to determine whether a policy rule is applicable to a user. -Canonical metadata syntax. ...

doi:10.1007/978-3-540-27834-4_41 fatcat:4jskkqxdofc7hfwqhdy47ijobu

In this paper, we present a set of key requirements and design principles for a Service Oriented Cross Domain Security Infrastructure in form of a CDC Reference Architecture, featuring domain-associated ... This reference architecture will provide the foundation for the development of protocols and ontologies enabling runtime coordination among CDC elements, leading to more secure, effective, and interoperable ... Similarly, semantic-aware guards could translate security vocabularies between domains based on these ontologies and enforce security policies accordingly. ...

doi:10.1007/978-3-319-11692-1_24 fatcat:oa4yqaug3fc3di4jue7nfmlbgi

Finally, we show a simple way for controlling the policy granularity using Semantic Grid technologies for the specification of policy subjects and objects. ... Then, we present an architecture implementing such model. In doing so, we use the functional components of the current Grids. ... Even if in Semantic Grids specific Grid Users will keep asking to access specific Grid Data, a semantic-aware PDP would search for applicable policies using the multiple fields of the KEs of both the Grid ...

doi:10.1007/978-3-642-02056-8_7 fatcat:zwvqsz7svffvfbg3vet5a4jsou

efficient enforcement of security controls at the tactical edge. ... Each service is presented as an architectural element within the TACTICS TSI (Tactical Service Infrastructure), aiming to highlight the distinct functionalities of the security infrastructure towards the ... as the output of the core security policy architecture towards the rest of the security or TSI services deployed in the processing pipeline. ...

doi:10.1007/978-3-319-61566-0_29 fatcat:eusr56brebdg7emwdwc7itqwy4

To allow a data consumer to use this data while maintaining privacy, our architecture helps enforce semantic policies and lets consumers understand what kinds of queries are allowed under those policies ... This engine consists of a policy reasoner, an event log, a set of applicable policies, and metadata about the database. ... Lalana Kagal is a research scientist in the Massachusetts Institute of Technology's Computer Science and Artificial ...

doi:10.1109/msp.2010.89 fatcat:264zo45tdvc2naiovcnpe6h3te

This paper outlines how context metadata can be referred to in semantics-aware access control policies and discusses the main open issues in designing, producing, and maintaining metadata for security. ... Semantic-Web style metadata for advanced context representation and domain knowledge are likely to play a more and more important role within access control models and languages. ... Integrating Metadata Within Policies Although some preliminary work has been done toward the definition of a semantics-aware access control process (Section 4), virtually no effort has been made toward ...

doi:10.1007/1-4020-8128-6_12 fatcat:c4cycdr73zb5nhesskkmijzrvu

Therefore, along with the development of systems of systems comes the demand for a flexible security framework that faces the related security challenges. ... Despite offering a high degree of operational flexibility, the systems of systems paradigm has a strong impact on systems interoperability and on the security requirements of the coalition members (hereafter ... Acknowledgements This research has been carried out as a part of the POSEIDON project at Thales under the responsibilities of the Embedded Systems Institute (ESI). ...

doi:10.1007/978-1-4614-6230-9_12 fatcat:wl2ebo3ipzdy5pn2rcjngekqqi

This document describes the deployment of a development environment based on the BDE platform with the semantification extensions ... This setup allows the early evaluation of the developments in: • T3.2-Scalable secure data, policy and provenance/events representation • T3.3-Authentication and authorisation (Security & Enforcement) ... D3.1 Initial setup of policy-aware Linked Data architecture and engine PU The hardware layer offers the computational elements on which the application solution is being executed. ...

doi:10.5281/zenodo.2543647 fatcat:nwvipaky2rdfpbutdstu2h25py

Open Access

Our semantics-aware firewalls rules are written using a flexible XML-based syntax that allows sharing metadata concepts with service level access control policies, supporting complex security policies ... In this paper, a technique is presented able to make perimetral defences semantics-aware. ... Our architecture of the semantic-aware perimeter protection component has three main logical parts: a set of filtering rules representing the security policy and a mechanism to enforce it; a classification ...

doi:10.1007/1-4020-8070-0_17 fatcat:mfa4likuv5dl5kvtm6n2bgslhy

Towards a Secure Application-Semantic Aware Policy Enforcement Architecture [chapter]

Preserved Fulltext

Towards a Secure Application-Semantic Aware Policy Enforcement Architecture [chapter]

Preserved Fulltext

Towards the policy-aware web

Preserved Fulltext

Access Control as a Service for Information Protection in Semantic Web based Smart Environment

Preserved Fulltext

Adaptability of SOA in IoT Services – An Empirical Survey

Preserved Fulltext

Reasoning with semantics-aware access control policies for geospatial web services

Preserved Fulltext

Extending Policy Languages to the Semantic Web [chapter]

Preserved Fulltext

Towards a Reference Architecture for Service-Oriented Cross Domain Security Infrastructures [chapter]

Preserved Fulltext

On Usage Control in Data Grids [chapter]

Preserved Fulltext

Security Infrastructure for Service Oriented Architectures at the Tactical Edge [chapter]

Preserved Fulltext

Preserving Privacy Based on Semantic Policy Tools

Preserved Fulltext

Invited Talk - Towards Semantics-Aware Access Control [chapter]

Preserved Fulltext

The POLIPO Security Framework [chapter]

Preserved Fulltext

D3.1 - Initial setup of policy aware Linked Data architecture and engine [article]

Preserved Fulltext

Semantics-Aware Perimeter Protection [chapter]

Preserved Fulltext