Anomaly discovery and resolution in web access control policies

12 years 7 months ago

Download www.public.asu.edu

The advent of emerging technologies such as Web services, serviceoriented architecture, and cloud computing has enabled us to perform business services more efﬁciently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services while providing more convenient services to Internet users through such a cutting-edge technological growth. Furthermore, designing and managing Web access control policies are often error-prone due to the lack of effective analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly analysis approach for Web access control policies. We focus on XACML (eXtensible Access Control Markup Language) policy since XACML has become the de facto standard for specifying and enforcing access control policies for various Webbased applications and services. We introduce a policy-based segmentation technique to accurately identify policy anomalies and derive effective anomaly resolution...

Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni

Real-time Traffic

Anomaly Management | Control Systems | Extensible Access Control Markup Language | SACMAT 2011 | Web Access Control |

claim paper

Added	17 Sep 2011
Updated	17 Sep 2011
Type	Journal
Year	2011
Where	SACMAT
Authors	Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni

Sciweavers

Anomaly discovery and resolution in web access control policies

Anomaly Management | Control Systems | Extensible Access Control Markup Language | SACMAT 2011 | Web Access Control |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers