Reference : A Flexible MDE approach to Enforce Fine- grained Security Policies
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/14632
A Flexible MDE approach to Enforce Fine- grained Security Policies
English
Elrakaiby, Yehia mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Amrani, Moussa mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
2014
Proceedings of the International Symposium on Engineering Secure Software and Systems
Yes
International
International Symposium on Engineering Secure Software and Systems
from 26-02-2014 to 28-02-2014
[en] In this paper, we present a policy-based approach for au-
tomating the integration of security mechanisms into Java-based business
applications. In particular, we introduce an expressive Domain Specific
modeling Language (Dsl), called Security@Runtime, for the specification
of security configurations of targeted systems. The Security@Runtime
Dsl supports the expression of authorization, obligation and reaction
policies, covering many of the security requirements of modern applica-
tions. Security requirements specified in security configurations are en-
forced using an application-independent Policy Enforcement Point (Pep)-
Policy Decision Point (Pdp) architecture, which enables the runtime up-
date of security requirements. Our work is evaluated using two systems
and its advantages and limitations are discussed
http://hdl.handle.net/10993/14632

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
ESSoS2014.pdfAuthor preprint635.94 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.