Abstract
This paper proposes a context-based security model and describes one of the design and implementation of enforcement mechanism of it. In this access control model, a kind of object-oriented petri-net with nets-within-nets semantics is adopted as a context representation.
This approach is, particularly, expected to be suitable for dynamic access control within inter-organizational business processes. The overall architecture of the access control model is designed by extending XACML standard architecture. And a Scala-based internal Domain Specific Language is designed to specify security policies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Valk, R.: Object Petri Nets. In: Desel, J., Reisig, W., Rozenberg, G. (eds.) Lectures on Concurrency and Petri Nets. LNCS, vol. 3098, pp. 819–848. Springer, Heidelberg (2004)
Sandhu, M.S., Coyne, E.J., et al.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)
OASIS Standard: eXtensible Access Control Markup Language(XACML) 3.0 (January 22, 2013), http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf
Sun Microsystems, Inc.: Sun’s XACML Implementation (July 16, 2004), http://sunxacml.sourceforge.net/
Health Policy Bureau of Ministry of Health, Labor and Welfare, Japan: For partial revision of the scope of the emergency life-saving treatment (in Japanese), Health Policy NotificationN o.0302001 (March 2, 2009), http://www.mhlw.go.jp/topics/2009/03/dl/tp0306-3a.pdf
Nielsen, M., Winskel, G.: Petri nets and bisimulation. Theoretical Computer Science 153(1-2), 211–244 (1986)
Thomas, R.K.: Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: RBAC 1997 Proceedings of the Second ACM Workshop on Role-based Access Control, pp. 13–19 (1997)
Deng, J., Brooks, R., Taiber, J.: Security Automata Integrated XACML and Security Validation. In: Proc IEEE SOUTHEASTCON 2010, pp. 338-343 (March 2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Iijima, T., Kido, S. (2014). Design and Implementation of a Context-Based Security Model. In: Kravets, A., Shcherbakov, M., Kultsova, M., Iijima, T. (eds) Knowledge-Based Software Engineering. JCKBSE 2014. Communications in Computer and Information Science, vol 466. Springer, Cham. https://doi.org/10.1007/978-3-319-11854-3_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-11854-3_30
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11853-6
Online ISBN: 978-3-319-11854-3
eBook Packages: Computer ScienceComputer Science (R0)