Modeling contextual security policies - Archive ouverte HAL Accéder directement au contenu
Article Dans Une Revue International Journal of Information Security Année : 2008

Modeling contextual security policies

Résumé

As computer infrastructures become more complex, security models must provide means to handle more flexible and dynamic requirements. In the Organization Based Access Control (OrBAC) model, it is possible to express such requirements using the notion of context. InOrBAC, each security rule (permission, prohibition, obligation or dispensation) only applies in a given context.Acontext is viewed as an extra condition that must be satisfied to activate a given security rule. In this paper, we present a taxonomy of different types of context and investigate the data the information system must manage in order to deal with these different contexts. We then explain how to model and evaluate them in the OrBAC model.

Dates et versions

hal-01207773 , version 1 (01-10-2015)

Identifiants

Citer

Frédéric Cuppens, Nora Cuppens-Bouhlahia. Modeling contextual security policies. International Journal of Information Security, 2008, 7 (4), pp.285 - 305. ⟨10.1007/s10207-007-0051-9⟩. ⟨hal-01207773⟩
74 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More