Sciweavers

SACMAT
2011
ACM

Anomaly discovery and resolution in web access control policies

13 years 3 months ago
Anomaly discovery and resolution in web access control policies
The advent of emerging technologies such as Web services, serviceoriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services while providing more convenient services to Internet users through such a cutting-edge technological growth. Furthermore, designing and managing Web access control policies are often error-prone due to the lack of effective analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly analysis approach for Web access control policies. We focus on XACML (eXtensible Access Control Markup Language) policy since XACML has become the de facto standard for specifying and enforcing access control policies for various Webbased applications and services. We introduce a policy-based segmentation technique to accurately identify policy anomalies and derive effective anomaly resolution...
Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni
Added 17 Sep 2011
Updated 17 Sep 2011
Type Journal
Year 2011
Where SACMAT
Authors Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni
Comments (0)