AAL and Static Conflict Detection in Policy - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2016

AAL and Static Conflict Detection in Policy

Résumé

Security and privacy requirements in ubiquitous systems need a sophisticated policy language with features to express access restrictions and obligations. Ubiquitous systems involve multiple actors owning sensitive data concerning aspects such as location, discrete and continuous time, multiple roles that can be shared among actors or evolve over time. Policy consistency is an important problem in languages supporting these aspects. In this paper we present an abstract language (AAL) to specify most of these security and privacy features and compare it with XACML. We also classified the existing conflict detection mechanisms for XACML in dynamic, testing, or static detection. A thorough analysis of these mechanisms reveals that they have several weaknesses and they are not applicable in our context. We advocate for a classic approach using the notion of logical consistency to detect conflicts in AAL.
Fichier non déposé

Dates et versions

hal-01396376 , version 1 (14-11-2016)

Identifiants

Citer

Jean-Claude Royer, Anderson Santana de Oliveira. AAL and Static Conflict Detection in Policy. 15th International Conference on Cryptology and Network Security, Nov 2016, Milan, Italy. pp.362-382, ⟨10.1007/978-3-319-48965-0_22⟩. ⟨hal-01396376⟩
105 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More