Title :
A deployment framework for self-contained policies
Author :
Cheaito, Marwan ; Laborde, Romain ; Barrére, François ; Benzekri, Abdelmalek
Author_Institution :
IRIT/SIERA, Univ. Paul Sabatier, Toulouse, France
Abstract :
One of the key motivations of policy-based management is flexibility and adaptability to existing infrastructure and change management. In the context of security, modern policy languages such as XACML are extensible and support natively the expression of new information and manipulation operations. However, policy engines, which evaluate users´ requests according to policies, may not support this new policy information. As a consequence, policy writers have to verify whether the target policy engine can execute his/her policy or not when (s)he writes it. In this article, we present the concept of self-contained policy to solve this deployment issue. A self-contained policy includes all the necessary information required by a policy engine to execute a policy. We propose a service component based architecture to support self-contained policies. An OSGi-Based implementation validates the approach.
Keywords :
XML; authorisation; business data processing; management of change; software architecture; OSGi; XACML; attribute based access control; change management; deployment framework; infrastructure management; modern policy language; policy engine; policy information; policy-based management; security; self-contained policy; service component based architecture; Authorization; Context; Engines; Ontologies; Organizations; XML; XACML; attribute based access control; component; policy deployment; self-contained policy;
Conference_Titel :
Network and Service Management (CNSM), 2010 International Conference on
Conference_Location :
Niagara Falls, ON
Print_ISBN :
978-1-4244-8910-7
Electronic_ISBN :
978-1-4244-8908-4
DOI :
10.1109/CNSM.2010.5691328
