Model-based refinement of security policies in collaborative virtual organisations

Benjamin Aziz, A. Arenas, M. Wilson

Research output: Contribution to conferencePaperpeer-review

Abstract

Policy refinement is the process of deriving low-level policies from high-level policy specifications. A basic example is that of the refinement of policies referring to users, resources and applications at a high level, such as the level of virtual organsiations, to policies referring to user ids, resource addresses and computational commands at the low level of system and network environments. This paper tackles the refinement problem by proposing an approach using model-to-model transformation techniques for transforming XACML-based VO policies to the resource level. Moreover, the transformation results in deployable policies referring to at most a single resource, hence avoiding the problem of cross-domain intereference. The applicability of our approach is demonstrated within the domain of distributed geographic map processing.
Original languageEnglish
Publication statusPublished - 2011
EventInternational Symposium on Engineering Secure Software and Systems - Madrid, Spain
Duration: 9 Feb 201111 Feb 2011

Conference

ConferenceInternational Symposium on Engineering Secure Software and Systems
Abbreviated titleESSOS 2011
Country/TerritorySpain
CityMadrid
Period9/02/1111/02/11

Fingerprint

Dive into the research topics of 'Model-based refinement of security policies in collaborative virtual organisations'. Together they form a unique fingerprint.

Cite this