Title :
Specification and Enforcement of Dynamic Authorization Policies Oriented by Situations
Author :
Kabbani, Bashar ; Laborde, Romain ; Barrere, Francois ; Benzekri, Abdelmalek
Author_Institution :
Inst. of Res. in Inf. at Toulouse (IRIT), Univ. of Paul Sabatier (UPS), Toulouse, France
fDate :
March 30 2014-April 2 2014
Abstract :
Nowadays, accessing communication networks and systems faces multitude applications with large-scale requirements dimensions. Mobility -roaming services in particular- during urgent situations exacerbate the access control issues. Dynamic authorization then is required. However, traditional access control fails to ensure policies to be dynamic. Instead, we propose to externalize the dynamic behavior management of networks and systems through situations. Situations modularize the policy into groups of rules and orient decisions. Our solution limits policy updates and hence authorization inconsistencies. The authorization system is built upon the XACML architecture coupled with a complex event- processing engine to handle the concept of situations. Situation- oriented attribute based policies are defined statically allowing static verification and validation.
Keywords :
authorisation; XACML architecture; access control; dynamic authorization policies; mobility roaming services; Authorization; Computer architecture; Context; Engines; Medical services;
Conference_Titel :
New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on
Conference_Location :
Dubai
DOI :
10.1109/NTMS.2014.6814050
