Abstract
The tasks a system administrator must fulfill become more and more complex as information systems increase in complexity and connectivity. In particular, expressing and updating security requirements is a central problem. Formal models designed to express security policies have proved necessary because they provide unambiguous semantics for analyzing those policies. However, models such as RBAC or OrBAC are not used to express reaction requirements, which specify the reaction policy to enforce when intrusions are detected. In this article we present an extension of the OrBAC model that defines dynamic organizations and threat contexts to enable the expression and enforcement of reaction requirements.
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Autrel, F., Cuppens-Boulahia, N., Cuppens, F. (2009). Reaction Policy Model Based on Dynamic Organizations and Threat Context. In: Gudes, E., Vaidya, J. (eds) Data and Applications Security XXIII. DBSec 2009. Lecture Notes in Computer Science, vol 5645. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03007-9_4
DOI: https://doi.org/10.1007/978-3-642-03007-9_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03006-2
Online ISBN: 978-3-642-03007-9
eBook Packages: Computer Science, Computer Science (R0)