Security@Runtime: A flexible MDE approach to enforce fine-grained security policies

Access Control; Java Security; Obligations; Security Domain Specific Language; Security Policies; Domain specific modeling languages; Fine-grained security policies; Integration of security; Policy enforcement points; Security domains; Security policy; Security systems; Java programming language

Résumé :

[en] In this paper, we present a policy-based approach for automating the integration of security mechanisms into Java-based business applications. In particular, we introduce an expressive Domain Specific modeling Language (Dsl), called Security@Runtime, for the specification of security configurations of targeted systems. The Security@Runtime Dsl supports the expression of authorization, obligation and reaction policies, covering many of the security requirements of modern applications. Security requirements specified in security configurations are enforced using an application-independent Policy Enforcement Point Pep)-Policy Decision Point (Pdp) architecture, which enables the runtime update of security requirements. Our work is evaluated using two systems and its advantages and limitations are discussed. © 2014 Springer International Publishing Switzerland.

Disciplines :

Sciences informatiques

Identifiants :

eid=2-s2.0-84900648558

Auteur, co-auteur :

ELRAKAIBY, Yehia ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

AMRANI, Moussa ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

LE TRAON, Yves ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)

Co-auteurs externes :

yes

Langue du document :

Anglais

Titre :

Security@Runtime: A flexible MDE approach to enforce fine-grained security policies

Date de publication/diffusion :

2014

Nom de la manifestation :

6th International Symposium on Engineering Secure Software and Systems, ESSoS 2014

Date de la manifestation :

26 February 2014 through 28 February 2014

Manifestation à portée :

International

Titre du périodique :

Lecture Notes in Computer Science

ISSN :

0302-9743

Volume/Tome :

8364 LNCS

Pagination :

19-34

Peer reviewed :

Peer reviewed

Organisme subsidiant :

Technische Universitat Munchen;NESSoS FP7 Project, Network of Excellence on;Engineering Secure Future Internet Software;Services and Systems

Commentaire :

103167 9783319048963

Disponible sur ORBilu :

depuis le 03 avril 2016

Statistiques

Nombre de vues

239 (dont 6 Unilu)

Nombre de téléchargements

327 (dont 1 Unilu)

Voir plus de statistiques

citations OpenAlex