Clustering-based approach for anomaly detection in XACML policies

TitreClustering-based approach for anomaly detection in XACML policies
Publication TypeConference Paper
Year of Publication2017
AuthorsHadj, MAEl, Ayache, M, Benkaouz, Y, Khoumsi, A, Erradi, M
Conference NameICETE 2017 - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications

The development of distributed applications arises multiple security issues such as access control. Attribute-Based Access Control has been proposed as a generic access control model, which provides more flexibility and promotes information and security sharing. eXtensible Access Control Markup Language (XACML) is the most convenient way to express ABAC policies. However, in distributed environments, XACML policies become more complex and hard to manage. In fact, an XACML policy in distributed applications may be aggregated from multiple parties and can be managed by more than one administrator. Therefore, it may contain several anomalies such as conflicts and redundancies, which may affect the performance of the policy execution. In this paper, we propose an anomaly detection method based on the decomposition of a policy into clusters before searching anomalies within each cluster. Our evaluation results demonstrate the efficiency of the suggested approach. Copyright © 2017 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.




Suivez-nous sur





Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

  Télécopie : (+212) 5 37 68 60 78

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 34 09 27

        Service des affaires financières : 06 61 44 76 79

        Service des affaires estudiantines : 06 62 77 10 17 /

        Résidences : 06 61 82 89 77



    Compteur de visiteurs:480,034
    Education - This is a contributing Drupal Theme
    Design by WeebPal.