loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Maryem Ait El Hadj 1 ; Meryeme Ayache 1 ; Yahya Benkaouz 2 ; Ahmed Khoumsi 3 and Mohammed Erradi 1

Affiliations: 1 NDSR Group, ENSIAS and Mohammed V University in Rabat, Morocco ; 2 Conception and Systems Laboratory, FSR and Mohammed V University in Rabat, Morocco ; 3 University of Sherbrooke, Canada

Keyword(s): ABAC, XACML Policies, Clustering, Similarity Computation, Anomaly Detection.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Security and Privacy Policies ; Security in Distributed Systems ; Web Information Systems and Technologies

Abstract: The development of distributed applications arises multiple security issues such as access control. Attribute-Based Access Control has been proposed as a generic access control model, which provides more flexibility and promotes information and security sharing. eXtensible Access Control Markup Language (XACML) is the most convenient way to express ABAC policies. However, in distributed environments, XACML policies become more complex and hard to manage. In fact, an XACML policy in distributed applications may be aggregated from multiple parties and can be managed by more than one administrator. Therefore, it may contain several anomalies such as conflicts and redundancies, which may affect the performance of the policy execution. In this paper, we propose an anomaly detection method based on the decomposition of a policy into clusters before searching anomalies within each cluster. Our evaluation results demonstrate the efficiency of the suggested approach.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.16.51.237

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ait El Hadj, M.; Ayache, M.; Benkaouz, Y.; Khoumsi, A. and Erradi, M. (2017). Clustering-based Approach for Anomaly Detection in XACML Policies. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 548-553. DOI: 10.5220/0006471205480553

@conference{secrypt17,
author={Maryem {Ait El Hadj}. and Meryeme Ayache. and Yahya Benkaouz. and Ahmed Khoumsi. and Mohammed Erradi.},
title={Clustering-based Approach for Anomaly Detection in XACML Policies},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={548-553},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006471205480553},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - Clustering-based Approach for Anomaly Detection in XACML Policies
SN - 978-989-758-259-2
IS - 2184-3236
AU - Ait El Hadj, M.
AU - Ayache, M.
AU - Benkaouz, Y.
AU - Khoumsi, A.
AU - Erradi, M.
PY - 2017
SP - 548
EP - 553
DO - 10.5220/0006471205480553
PB - SciTePress