Security Enhancement in Web Services by Detecting and Correcting Anomalies in XACML Policies at Design Level

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 467)

Abstract

The significance of XACML (Extensible Access Control Markup Language) policies for access control is increasing immeasurably, particularly in web services. XACML policies are web access control policies used to permit genuine users to access resources and to deny illegitimate users. Generating these XACML policies is a very important task for avoiding security leakage. Detecting and correcting inconsistencies in access control policies is highly time-consuming and tedious when the XACML policies are large. When done at execution time, the process could need even more time and effort. The purpose of this work is to devise an anomaly detection and correction tool that can be used at policy design time so as to reduce time and effort. With the help of our XACML Policy Analyzer tool, a policy designer can easily discover and resolve inconsistencies such as conflicts and redundancies in XACML policies.

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Priyadharshini, M., Yowan, J., Baskaran, R. (2014). Security Enhancement in Web Services by Detecting and Correcting Anomalies in XACML Policies at Design Level. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_12

  • DOI: https://doi.org/10.1007/978-3-662-44966-0_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-44965-3

  • Online ISBN: 978-3-662-44966-0

  • eBook Packages: Computer Science (R0)