Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
Security@Runtime: A flexible MDE approach to enforce fine-grained security policies
Elrakaiby, Yehia; Amrani, Moussa; Le Traon, Yves
2014In Lecture Notes in Computer Science, 8364 LNCS, p. 19-34
Peer reviewed
 

Files


Full Text
Security@Runtime.pdf
Publisher postprint (1.8 MB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Access Control; Java Security; Obligations; Security Domain Specific Language; Security Policies; Domain specific modeling languages; Fine-grained security policies; Integration of security; Policy enforcement points; Security domains; Security policy; Security systems; Java programming language
Abstract :
[en] In this paper, we present a policy-based approach for automating the integration of security mechanisms into Java-based business applications. In particular, we introduce an expressive Domain Specific modeling Language (Dsl), called Security@Runtime, for the specification of security configurations of targeted systems. The Security@Runtime Dsl supports the expression of authorization, obligation and reaction policies, covering many of the security requirements of modern applications. Security requirements specified in security configurations are enforced using an application-independent Policy Enforcement Point Pep)-Policy Decision Point (Pdp) architecture, which enables the runtime update of security requirements. Our work is evaluated using two systems and its advantages and limitations are discussed. © 2014 Springer International Publishing Switzerland.
Disciplines :
Computer science
Identifiers :
eid=2-s2.0-84900648558
Author, co-author :
Elrakaiby, Yehia ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Amrani, Moussa ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Le Traon, Yves ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors :
yes
Language :
English
Title :
Security@Runtime: A flexible MDE approach to enforce fine-grained security policies
Publication date :
2014
Event name :
6th International Symposium on Engineering Secure Software and Systems, ESSoS 2014
Event date :
26 February 2014 through 28 February 2014
Audience :
International
Journal title :
Lecture Notes in Computer Science
ISSN :
0302-9743
Volume :
8364 LNCS
Pages :
19-34
Peer reviewed :
Peer reviewed
Funders :
Technische Universitat Munchen;NESSoS FP7 Project, Network of Excellence on;Engineering Secure Future Internet Software;Services and Systems
Commentary :
103167 9783319048963
Available on ORBilu :
since 03 April 2016

Statistics


Number of views
157 (5 by Unilu)
Number of downloads
257 (0 by Unilu)

Bibliography


Similar publications



Contact ORBilu