Achieving dynamicity in security policies enforcement using aspects

The dynamic configuration and evolution of large-scale heterogeneous systems has made the enforcement of security requirements one of the most critical phases throughout the system development lifecycle. In this paper, we propose a framework architecture to associate the security policies with the s...

Celý popis

Uložené v:

Podrobná bibliografia
Vydané v:	International journal of information security Ročník 17; číslo 1; s. 83 - 103
Hlavní autori:	Ayed, Samiha, Idrees, Muhammad Sabir, Cuppens, Nora, Cuppens, Frederic
Médium:	Journal Article
Jazyk:	English
Vydavateľské údaje:	Berlin/Heidelberg Springer Berlin Heidelberg 01.02.2018 Springer Nature B.V
Predmet:	Access Access control Coding and Information Theory Communications Engineering Computer Communication Networks Computer programming Computer Science Cryptology Deployment Enforcement Frame analysis Management of Computing and Information Systems Modularity Networks Operating Systems Policies Regular Contribution Security Specification Access control Usage control Deployment AOP Security policies
ISSN:	1615-5262, 1615-5270
On-line prístup:	Získať plný text
Tagy:	Pridať tag Žiadne tagy, Buďte prvý, kto otaguje tento záznam!

Abstract	The dynamic configuration and evolution of large-scale heterogeneous systems has made the enforcement of security requirements one of the most critical phases throughout the system development lifecycle. In this paper, we propose a framework architecture to associate the security policies with the specification and the execution phases of applications defined for these systems. Our proposed framework is based on an aspect-oriented programming approach and on the organization-based access control model to dynamically enforce and manage the access and the usage control. The deployment of the framework modules, proposed in this paper, takes into account the changes that may occur in the security policy during the application execution. We also present the implementation as well as the evaluation of our proposition.
AbstractList	The dynamic configuration and evolution of large-scale heterogeneous systems has made the enforcement of security requirements one of the most critical phases throughout the system development lifecycle. In this paper, we propose a framework architecture to associate the security policies with the specification and the execution phases of applications defined for these systems. Our proposed framework is based on an aspect-oriented programming approach and on the organization-based access control model to dynamically enforce and manage the access and the usage control. The deployment of the framework modules, proposed in this paper, takes into account the changes that may occur in the security policy during the application execution. We also present the implementation as well as the evaluation of our proposition.
Author	Ayed, Samiha Cuppens, Nora Idrees, Muhammad Sabir Cuppens, Frederic
Author_xml	– sequence: 1 givenname: Samiha surname: Ayed fullname: Ayed, Samiha email: samiha.ayed@telecom-bretagne.eu organization: Institut Mines-Telecom/Telecom Bretagne – sequence: 2 givenname: Muhammad Sabir surname: Idrees fullname: Idrees, Muhammad Sabir organization: Institut Mines-Telecom/Telecom Bretagne – sequence: 3 givenname: Nora surname: Cuppens fullname: Cuppens, Nora organization: Institut Mines-Telecom/Telecom Bretagne – sequence: 4 givenname: Frederic surname: Cuppens fullname: Cuppens, Frederic organization: Institut Mines-Telecom/Telecom Bretagne
BookMark	eNp9kE1LxDAQhoOs4Lr6A7wVPFdn0jZpj8viFyx40XPIJtM1y25ak1bYf29LRUTQ07wM88wMzzmb-cYTY1cINwggbyMCB5kCihSyQqbihM1RYJEWXMLsOwt-xs5j3AFwhArnbLU0b44-nN8m9uj1wRnXHRPnk0imD2Num_3QpJiQr5tg6EC-S_o4Ejq2ZLp4wU5rvY90-VUX7PX-7mX1mK6fH55Wy3VqMhRdWgqjcyF1XpgabGEJSg6gsbISNmYjqNY5WpKF5TzDUqMkU1grbcU1SWGzBbue9rahee8pdmrX9MEPJxVWVcahzAUOUzhNmdDEGKhWbXAHHY4KQY2u1ORKDa7U6EqJgZG_mEGD7lzju6Dd_l-ST2QcrvgthR8__Ql9AlkdgFE
CitedBy_id	crossref_primary_10_1007_s10916_017_0844_y
Cites_doi	10.1016/j.websem.2004.07.002 10.1145/1509239.1509244 10.1145/1739230.1739253 10.1145/242224.242420 10.1007/s10207-007-0051-9 10.1016/j.scico.2009.10.002 10.1109/SERVICES.2007.18 10.1109/POLICY.2003.1206966 10.1109/SITIS.2013.57 10.1109/ICWS.2005.129 10.1002/0470862084.ch1 10.1016/j.datak.2011.09.001 10.1007/978-3-642-29023-7_17 10.1016/j.entcs.2007.01.064 10.1145/1739230.1739254 10.1145/1509239.1509275 10.1504/IJCAT.2008.017725 10.1109/2.485845 10.1109/MIC.2006.116
ContentType	Journal Article
Copyright	Springer-Verlag Berlin Heidelberg 2017 International Journal of Information Security is a copyright of Springer, (2017). All Rights Reserved.
Copyright_xml	– notice: Springer-Verlag Berlin Heidelberg 2017 – notice: International Journal of Information Security is a copyright of Springer, (2017). All Rights Reserved.
DBID	AAYXX CITATION 0-V 3V. 7SC 7WY 7WZ 7XB 87Z 88F 8AL 8AM 8AO 8FD 8FE 8FG 8FK 8FL ABUWG AFKRA ALSLI ARAPS AZQEC BENPR BEZIV BGLVJ BGRYB CCPQU DWQXO FRNLG F~G GNUQQ HCIFZ JQ2 K60 K6~ K7- K7. L.- L7M L~C L~D M0C M0N M0O M1Q P5Z P62 PHGZM PHGZT PKEHL PQBIZ PQBZA PQEST PQGLB PQQKQ PQUKI PRINS PRQQA Q9U
DOI	10.1007/s10207-016-0357-6
DatabaseName	CrossRef ProQuest Social Sciences Premium Collection【Remote access available】 ProQuest Central (Corporate) Computer and Information Systems Abstracts ABI/INFORM Collection ABI/INFORM Global (PDF only) ProQuest Central (purchase pre-March 2016) ABI/INFORM Collection Military Database (Alumni Edition) Computing Database (Alumni Edition) Criminal Justice Database (Alumni Edition) ProQuest Pharma Collection Technology Research Database ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) (purchase pre-March 2016) ABI/INFORM Collection (Alumni Edition) ProQuest Central (Alumni) ProQuest Central UK/Ireland Social Science Premium Collection Advanced Technologies & Computer Science Collection ProQuest Central Essentials ProQuest Central Business Premium Collection Technology collection Criminology Collection ProQuest One Community College ProQuest Central Business Premium Collection (Alumni) ABI/INFORM Global (Corporate) ProQuest Central Student SciTech Premium Collection ProQuest Computer Science Collection ProQuest Business Collection (Alumni Edition) ProQuest Business Collection Computer Science Database ProQuest Criminal Justice (Alumni) ABI/INFORM Professional Advanced Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional ABI/INFORM Global (OCUL) Computing Database Criminal Justice Database Military Database Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Premium ProQuest One Academic (New) ProQuest One Academic Middle East (New) ProQuest One Business (OCUL) ProQuest One Business (Alumni) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central China ProQuest One Social Sciences ProQuest Central Basic
DatabaseTitle	CrossRef ProQuest Business Collection (Alumni Edition) Computer Science Database ProQuest Central Student ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection Computer and Information Systems Abstracts SciTech Premium Collection ProQuest Military Collection ProQuest Central China ABI/INFORM Complete ProQuest One Applied & Life Sciences ProQuest Central (New) Advanced Technologies & Aerospace Collection Business Premium Collection Social Science Premium Collection ABI/INFORM Global ProQuest One Academic Eastern Edition ProQuest Technology Collection ProQuest Business Collection Criminology Collection Criminal Justice Periodicals (Alumni Edition) ProQuest Social Sciences Premium Collection ProQuest One Academic UKI Edition ProQuest One Academic ProQuest One Academic (New) ABI/INFORM Global (Corporate) ProQuest One Business Technology Collection Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest One Academic Middle East (New) ProQuest Central (Alumni Edition) ProQuest One Community College ProQuest Pharma Collection ProQuest Central ABI/INFORM Professional Advanced ProQuest Criminal Justice ProQuest Central Korea Advanced Technologies Database with Aerospace ABI/INFORM Complete (Alumni Edition) ProQuest Computing ProQuest One Social Sciences ABI/INFORM Global (Alumni Edition) ProQuest Central Basic ProQuest Computing (Alumni Edition) ProQuest Military Collection (Alumni Edition) ProQuest SciTech Collection Computer and Information Systems Abstracts Professional Advanced Technologies & Aerospace Database ProQuest Criminal Justice (Alumni) ProQuest One Business (Alumni) ProQuest Central (Alumni) Business Premium Collection (Alumni)
DatabaseTitleList	ProQuest Business Collection (Alumni Edition)
Database_xml	– sequence: 1 dbid: BENPR name: ProQuest Central url: https://www.proquest.com/central sourceTypes: Aggregation Database
DeliveryMethod	fulltext_linktorsrc
Discipline	Computer Science
EISSN	1615-5270
EndPage	103
ExternalDocumentID	10_1007_s10207_016_0357_6
GroupedDBID	-59 -5G -BR -EM -Y2 -~C .4S .86 .DC .VR 0-V 06D 0R~ 0VY 1N0 1SB 203 29J 2J2 2JN 2JY 2KG 2LR 2P1 2VQ 2~H 30V 3V. 4.4 406 408 409 40D 40E 5GY 5VS 67Z 6KP 6NX 7WY 8AO 8FE 8FG 8FL 8FW 8TC 8VB 95- 95. 95~ 96X AAAVM AABHQ AACDK AAHNG AAIAL AAJBT AAJKR AANZL AARHV AARTL AASML AATNV AATVU AAUYE AAWCG AAYIU AAYQN AAYTO AAYZH ABAKF ABBBX ABBXA ABDBF ABDZT ABECU ABFTD ABFTV ABHQN ABJNI ABJOX ABKCH ABKTR ABMNI ABMQK ABNWP ABQBU ABQSL ABSXP ABTEG ABTHY ABTKH ABTMW ABULA ABUWG ABWNU ABXPI ACAOD ACBXY ACDTI ACGFS ACHSB ACHXU ACKNC ACMDZ ACMLO ACOKC ACOMO ACPIV ACSNA ACUHS ACZOJ ADHHG ADHIR ADINQ ADKNI ADKPE ADMLS ADRFC ADTPH ADURQ ADYFF ADZKW AEBTG AEFQL AEGNC AEJHL AEJRE AEKMD AEMOZ AEMSY AENEX AEOHA AEPYU AESKC AETLH AEVLU AEXYK AFBBN AFGCZ AFKRA AFLOW AFQWF AFWTZ AFZKB AGAYW AGDGC AGJBK AGMZJ AGQEE AGQMX AGRTI AGWIL AGWZB AGYKE AHAVH AHBYD AHKAY AHQJS AHSBF AHYZX AIAKS AIGIU AIIXL AILAN AITGF AJBLW AJRNO AJZVZ AKVCP ALMA_UNASSIGNED_HOLDINGS ALSLI ALWAN AMKLP AMXSW AMYLF AMYQR AOCGG ARALO ARAPS ARCSS ARMRJ ASPBG AVWKF AXYYD AYJHY AZFZN AZQEC B-. B0M BA0 BDATZ BENPR BEZIV BGLVJ BGNMA BGRYB BPHCQ BSONS CAG CCPQU COF CS3 CSCUP DDRTE DL5 DNIVK DPUIP DU5 DWQXO EAD EAP EBA EBLON EBR EBS EBU ECS EDO EIOEI EIS EJD EMK EPL ESBYG EST ESX FEDTE FERAY FFXSO FIGPU FIL FINBP FNLPD FRNLG FRRFC FSGXE FWDCC GGCAI GGRSB GJIRD GNUQQ GNWQR GQ6 GQ7 GQ8 GROUPED_ABI_INFORM_COMPLETE GXS H13 HCIFZ HF~ HG5 HG6 HLICF HMJXF HQYDN HRMNR HVGLF HZ~ I-F I09 IHE IJ- IKXTQ ITM IWAJR IXC IXE IZIGR IZQ I~X I~Z J-C J0Z JBSCW JCJTX JZLTJ K1G K60 K6V K6~ K7- KDC KOV LAS LLZTM M0C M0N M0O M1Q M4Y MA- N2Q NB0 NPVJJ NQJWS NU0 O9- O93 O9J P2P P62 P9O PF0 PQBIZ PQBZA PQQKQ PROAC PT4 Q2X QOS QWB R89 R9I RNS ROL RPX RSV S16 S1Z S27 S3B SAP SCO SDH SHX SISQX SJYHP SNE SNPRN SNX SOHCF SOJ SPISZ SRMVM SSLCW STPWE SZN T13 TH9 TN5 TSG TSK TSV TUC TUS U2A UG4 UOJIU UTJUX UZXMN VC2 VFIZW W23 W48 WK8 YLTOR Z45 Z5O Z7R Z7X Z81 Z83 Z88 ZL0 ZMTXR ~8M ~A9 AAPKM AAYXX ABBRH ABDBE ABFSG ABRTQ ACSTC ADHKG AEZWR AFDZB AFFHD AFHIU AFOHR AGQPQ AHPBZ AHWEU AIXLP ATHPR AYFIA CITATION PHGZM PHGZT PQGLB PRQQA 7SC 7XB 8AL 8FD 8FK JQ2 K7. L.- L7M L~C L~D PKEHL PQEST PQUKI PRINS Q9U
ID	FETCH-LOGICAL-c316t-86ca467a45cf0d5de08200a19d70bcb6efa41de75d22318a17ec5dd7d92ae76d3
IEDL.DBID	7WY
ISICitedReferencesCount	2
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000422991300005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN	1615-5262
IngestDate	Thu Nov 20 04:32:37 EST 2025 Sat Nov 29 02:59:44 EST 2025 Tue Nov 18 21:53:34 EST 2025 Fri Feb 21 02:37:20 EST 2025
IsPeerReviewed	true
IsScholarly	true
Issue	1
Keywords	Access control Usage control Deployment AOP Security policies
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-c316t-86ca467a45cf0d5de08200a19d70bcb6efa41de75d22318a17ec5dd7d92ae76d3
Notes	ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14
PQID	1993208461
PQPubID	43999
PageCount	21
ParticipantIDs	proquest_journals_1993208461 crossref_primary_10_1007_s10207_016_0357_6 crossref_citationtrail_10_1007_s10207_016_0357_6 springer_journals_10_1007_s10207_016_0357_6
PublicationCentury	2000
PublicationDate	20180200 2018-2-00 20180201
PublicationDateYYYYMMDD	2018-02-01
PublicationDate_xml	– month: 2 year: 2018 text: 20180200
PublicationDecade	2010
PublicationPlace	Berlin/Heidelberg
PublicationPlace_xml	– name: Berlin/Heidelberg – name: Heidelberg
PublicationTitle	International journal of information security
PublicationTitleAbbrev	Int. J. Inf. Secur
PublicationYear	2018
Publisher	Springer Berlin Heidelberg Springer Nature B.V
Publisher_xml	– name: Springer Berlin Heidelberg – name: Springer Nature B.V
References	Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma-Brebel, C.: MotOrBAC 2: a security policy tool. In: Sarssi’08: 3ème conférence sur la sécurité des architectures réseaux et des systèmes d’information. Loctudy (2008) Curry, E., Mahmoud, Q.H.: Message-oriented middleware. Middlew. Commun. 1–28 (2004). ISBN 978-0-470-86206-3 CuppensFCuppens-BoulahiaNGhorbelMBHigh level conflict management strategies in advanced access control modelsElectron. Notes Theor. Comput. Sci.2007186326245927510.1016/j.entcs.2007.01.0641277.68031 Kalam, A.A.E., Benferhat, S., Miège, A., El Baida, R., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., Trouessin, G.: Organization based access control. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks. Policy ’03, 120. IEEE Computer Society, Washington. (2003). ISBN 0-7695-1933-4. http://dl.acm.org/citation.cfm?id=826036.826869 Falcone, Y., Jaber, M.: Towards automatic integration of Or-BAC security policies using aspects. In: Software Engineering Research and Practice, pp. 495–499 (2010) Cannon, B., Wohlstadter, E.: Enforcing security for desktop clients using authority aspects. In: Aosd ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 255–266. (2009). ISBN 978-1-60558-442-3 ElrakaibyYCuppensFCuppens-BoulahiaNFormal enforcement and management of obligation policiesData Knowl. Eng.201271112714710.1016/j.datak.2011.09.001 CuppensFCuppens-BoulahiaNModeling contextual security policiesInt. J. Inf. Secur.20087428530510.1007/s10207-007-0051-91143.03344 KiczalesGAspect-oriented programmingACM Comput. Surv1996284es15410.1145/242224.242420 Coma-Brebel, C.: Interopérabilité et cohérence de politiques de sécurité pour les réseaux auto-organisants. Th. doct.: Informatique, Institut Mines-Télécom-Télécom Bretagne-UBL (2009) Alhadidi, D., Boukhtouta, A., Belblidia, N., Debbabi, M., Bhattacharya, P.: The dataflow pointcut: a formal and practical framework. In: AOSD ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 15–26. ACM, New York. (2009). doi:10.1145/1509239.1509244. ISBN 978-1-60558-442-3 Ponnalagu, K., Narendra, N.C., Krishnamurthy, J., Ramkumar, R.: Aspect-oriented approach for non-functional adaptation of composite web services. In: Services, 2007 IEEE Congress on, pp. 284–291. (2007). doi:10.1109/SERVICES.2007.18 Prud’hommeaux, E., Seaborne, A.: SPARQL Query Language for RDF. Recommendation, W3C (2008) Cannon, B., Wohlstadter, E.: Enforcing security for desktop clients using authority aspects. In Aosd ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 255–266. ACM, New York (2009). doi:10.1145/1509239.1509275. ISBN 978-1-60558-442-3 Kalam, A.A.E., Baida, R.E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.: Organization based access control. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (2003). doi:10.1109/POLICY.2003.1206966 Fikes, R., Hayes, P., Horrocks, I.: OWL-QL—a language for deductive query answering on the Semantic Web. Web Semantics: Science, Services and Agents on the World Wide Web 2(1), 19–29 (2004) O’Connor, M., Das, A.: SQWRL: a query language for OWL. In: Proceedings of the 5th International Workshop on OWL: Experiences and Directions. Owled’09 (2009) Idrees, M.S., Serme, G., Roudier, Y., De Oliveira, A.S., Grall, H., Sudholt, M.: Evolving security requirements in multi-layered service-oriented-architectures. In: SETOP: 4th International Workshop on Autonomous and Spontaneous Security. BELGIQUE, Leuven (2011) FradetPHaSHTAspects of availability: enforcing timed properties to prevent denial of serviceSci. Comput. Program.201075751654210.1016/j.scico.2009.10.0021211.68070 XuDGoelVNygardKEWong EricWAspect-oriented specification of threat-driven security requirementsInt. J. Comput. Appl. Technol.2008311/213114010.1504/IJCAT.2008.017725 Courbis, C., Finkelstein, A.: Weaving aspects into web service orchestrations. In: ICWS ’05: Proceedings of the IEEE International Conference on Web Services, pp. 219–226. IEEE Computer Society, Washington. (2005). doi:10.1109/ICWS.2005.129. ISBN 0-7695-2409-5 De Borger, W., De Win, B., Lagaisse, B., Joosen, W.: A permission system for secure AOP. In: AOSD ’10: Proceedings of the 9th International Conference on Aspect-Oriented Software Development, pp. 205–216. ACM, New York. (2010). doi:10.1145/1739230.1739254. ISBN 978-1-60558-958-9 SandhuRSCoyneEJFeinsteinHLYoumanCERole-based access control modelsComputer1996292384710.1109/2.485845 Coma-Brebel, C., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A.R.: A context ontology based approach for secure interoperability. In: HP-SUA 2007: HP Software University Association 2007. Garching/Munich (2007) Filman, R., Elrad, T., Clarke, S., Aksit, M.: Aspect-Oriented Software Development. Addison-Wesley Professional, Reading (2004) Jones, M., Hamlen, K.W.: Disambiguating aspect-oriented security policies. In: AOSD ’10: Proceedings of the 9th International Conference on Aspect-Oriented Software Development, pp. 193–204. ACM, New York (2010). doi:10.1145/1739230.1739253. ISBN 978-1-60558-958-9 VinoskiSAdvanced message queuing protocolIEEE Internet Comput.2006106878910.1109/MIC.2006.116 Ayed, S., Idrees, M.S., Cuppens-Boulahia, N., Pinto, M., Fuentes, L., Cuppens, F.: Security aspects: a framework for enforcement of security policies using AOP. In: Sitis 2013: International Conference on Signal-Image Technology and Internet-Based Systems, ed. IEEE, pp. 301–308 (2013) Cuppens, F., Cuppens-Boulahia, N., Viña, E.P.: Adaptive access control enforcement in social network using aspect weaving. In: Proceedings of the 17th International Conference on Database Systems for Advanced Applications, pp. 154–167. (2012). ISBN 978-3-642-29022-0 Haarslev, V., Moller, R.: RACER: an OWL reasoning agent for the semantic web. In: 1st International Workshop on Applications, Products and Services of Web-Based Support Systems, WCC’03, pp. 91–95 (2003) 357_CR13 357_CR12 357_CR11 357_CR17 357_CR16 357_CR15 P Fradet (357_CR18) 2010; 75 Y Elrakaiby (357_CR14) 2012; 71 D Xu (357_CR30) 2008; 31 RS Sandhu (357_CR28) 1996; 29 F Cuppens (357_CR10) 2007; 186 357_CR23 357_CR22 357_CR21 G Kiczales (357_CR24) 1996; 28 357_CR27 357_CR26 357_CR25 357_CR20 F Cuppens (357_CR9) 2008; 7 357_CR2 357_CR1 357_CR4 357_CR19 357_CR3 S Vinoski (357_CR29) 2006; 10 357_CR6 357_CR5 357_CR8 357_CR7
References_xml	– reference: Courbis, C., Finkelstein, A.: Weaving aspects into web service orchestrations. In: ICWS ’05: Proceedings of the IEEE International Conference on Web Services, pp. 219–226. IEEE Computer Society, Washington. (2005). doi:10.1109/ICWS.2005.129. ISBN 0-7695-2409-5 – reference: Curry, E., Mahmoud, Q.H.: Message-oriented middleware. Middlew. Commun. 1–28 (2004). ISBN 978-0-470-86206-3 – reference: Falcone, Y., Jaber, M.: Towards automatic integration of Or-BAC security policies using aspects. In: Software Engineering Research and Practice, pp. 495–499 (2010) – reference: ElrakaibyYCuppensFCuppens-BoulahiaNFormal enforcement and management of obligation policiesData Knowl. Eng.201271112714710.1016/j.datak.2011.09.001 – reference: Ponnalagu, K., Narendra, N.C., Krishnamurthy, J., Ramkumar, R.: Aspect-oriented approach for non-functional adaptation of composite web services. In: Services, 2007 IEEE Congress on, pp. 284–291. (2007). doi:10.1109/SERVICES.2007.18 – reference: Kalam, A.A.E., Benferhat, S., Miège, A., El Baida, R., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., Trouessin, G.: Organization based access control. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks. Policy ’03, 120. IEEE Computer Society, Washington. (2003). ISBN 0-7695-1933-4. http://dl.acm.org/citation.cfm?id=826036.826869 – reference: SandhuRSCoyneEJFeinsteinHLYoumanCERole-based access control modelsComputer1996292384710.1109/2.485845 – reference: Cannon, B., Wohlstadter, E.: Enforcing security for desktop clients using authority aspects. In: Aosd ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 255–266. (2009). ISBN 978-1-60558-442-3 – reference: Alhadidi, D., Boukhtouta, A., Belblidia, N., Debbabi, M., Bhattacharya, P.: The dataflow pointcut: a formal and practical framework. In: AOSD ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 15–26. ACM, New York. (2009). doi:10.1145/1509239.1509244. ISBN 978-1-60558-442-3 – reference: Jones, M., Hamlen, K.W.: Disambiguating aspect-oriented security policies. In: AOSD ’10: Proceedings of the 9th International Conference on Aspect-Oriented Software Development, pp. 193–204. ACM, New York (2010). doi:10.1145/1739230.1739253. ISBN 978-1-60558-958-9 – reference: O’Connor, M., Das, A.: SQWRL: a query language for OWL. In: Proceedings of the 5th International Workshop on OWL: Experiences and Directions. Owled’09 (2009) – reference: VinoskiSAdvanced message queuing protocolIEEE Internet Comput.2006106878910.1109/MIC.2006.116 – reference: Prud’hommeaux, E., Seaborne, A.: SPARQL Query Language for RDF. Recommendation, W3C (2008) – reference: Haarslev, V., Moller, R.: RACER: an OWL reasoning agent for the semantic web. In: 1st International Workshop on Applications, Products and Services of Web-Based Support Systems, WCC’03, pp. 91–95 (2003) – reference: Autrel, F., Cuppens, F., Cuppens-Boulahia, N., Coma-Brebel, C.: MotOrBAC 2: a security policy tool. In: Sarssi’08: 3ème conférence sur la sécurité des architectures réseaux et des systèmes d’information. Loctudy (2008) – reference: CuppensFCuppens-BoulahiaNModeling contextual security policiesInt. J. Inf. Secur.20087428530510.1007/s10207-007-0051-91143.03344 – reference: Ayed, S., Idrees, M.S., Cuppens-Boulahia, N., Pinto, M., Fuentes, L., Cuppens, F.: Security aspects: a framework for enforcement of security policies using AOP. In: Sitis 2013: International Conference on Signal-Image Technology and Internet-Based Systems, ed. IEEE, pp. 301–308 (2013) – reference: Cuppens, F., Cuppens-Boulahia, N., Viña, E.P.: Adaptive access control enforcement in social network using aspect weaving. In: Proceedings of the 17th International Conference on Database Systems for Advanced Applications, pp. 154–167. (2012). ISBN 978-3-642-29022-0 – reference: Coma-Brebel, C.: Interopérabilité et cohérence de politiques de sécurité pour les réseaux auto-organisants. Th. doct.: Informatique, Institut Mines-Télécom-Télécom Bretagne-UBL (2009) – reference: Cannon, B., Wohlstadter, E.: Enforcing security for desktop clients using authority aspects. In Aosd ’09: Proceedings of the 8th ACM International Conference on Aspect-Oriented Software Development, pp. 255–266. ACM, New York (2009). doi:10.1145/1509239.1509275. ISBN 978-1-60558-442-3 – reference: De Borger, W., De Win, B., Lagaisse, B., Joosen, W.: A permission system for secure AOP. In: AOSD ’10: Proceedings of the 9th International Conference on Aspect-Oriented Software Development, pp. 205–216. ACM, New York. (2010). doi:10.1145/1739230.1739254. ISBN 978-1-60558-958-9 – reference: Coma-Brebel, C., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A.R.: A context ontology based approach for secure interoperability. In: HP-SUA 2007: HP Software University Association 2007. Garching/Munich (2007) – reference: Idrees, M.S., Serme, G., Roudier, Y., De Oliveira, A.S., Grall, H., Sudholt, M.: Evolving security requirements in multi-layered service-oriented-architectures. In: SETOP: 4th International Workshop on Autonomous and Spontaneous Security. BELGIQUE, Leuven (2011) – reference: KiczalesGAspect-oriented programmingACM Comput. Surv1996284es15410.1145/242224.242420 – reference: CuppensFCuppens-BoulahiaNGhorbelMBHigh level conflict management strategies in advanced access control modelsElectron. Notes Theor. Comput. Sci.2007186326245927510.1016/j.entcs.2007.01.0641277.68031 – reference: FradetPHaSHTAspects of availability: enforcing timed properties to prevent denial of serviceSci. Comput. Program.201075751654210.1016/j.scico.2009.10.0021211.68070 – reference: Kalam, A.A.E., Baida, R.E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.: Organization based access control. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (2003). doi:10.1109/POLICY.2003.1206966 – reference: XuDGoelVNygardKEWong EricWAspect-oriented specification of threat-driven security requirementsInt. J. Comput. Appl. Technol.2008311/213114010.1504/IJCAT.2008.017725 – reference: Filman, R., Elrad, T., Clarke, S., Aksit, M.: Aspect-Oriented Software Development. Addison-Wesley Professional, Reading (2004) – reference: Fikes, R., Hayes, P., Horrocks, I.: OWL-QL—a language for deductive query answering on the Semantic Web. Web Semantics: Science, Services and Agents on the World Wide Web 2(1), 19–29 (2004) – ident: 357_CR17 doi: 10.1016/j.websem.2004.07.002 – ident: 357_CR19 – ident: 357_CR1 doi: 10.1145/1509239.1509244 – ident: 357_CR7 – ident: 357_CR21 doi: 10.1145/1739230.1739253 – volume: 28 start-page: 154 issue: 4es year: 1996 ident: 357_CR24 publication-title: ACM Comput. Surv doi: 10.1145/242224.242420 – ident: 357_CR25 – volume: 7 start-page: 285 issue: 4 year: 2008 ident: 357_CR9 publication-title: Int. J. Inf. Secur. doi: 10.1007/s10207-007-0051-9 – volume: 75 start-page: 516 issue: 7 year: 2010 ident: 357_CR18 publication-title: Sci. Comput. Program. doi: 10.1016/j.scico.2009.10.002 – ident: 357_CR26 doi: 10.1109/SERVICES.2007.18 – ident: 357_CR27 – ident: 357_CR23 doi: 10.1109/POLICY.2003.1206966 – ident: 357_CR15 – ident: 357_CR20 – ident: 357_CR16 – ident: 357_CR3 doi: 10.1109/SITIS.2013.57 – ident: 357_CR8 doi: 10.1109/ICWS.2005.129 – ident: 357_CR12 doi: 10.1002/0470862084.ch1 – volume: 71 start-page: 127 issue: 1 year: 2012 ident: 357_CR14 publication-title: Data Knowl. Eng. doi: 10.1016/j.datak.2011.09.001 – ident: 357_CR6 – ident: 357_CR11 doi: 10.1007/978-3-642-29023-7_17 – ident: 357_CR22 – volume: 186 start-page: 3 year: 2007 ident: 357_CR10 publication-title: Electron. Notes Theor. Comput. Sci. doi: 10.1016/j.entcs.2007.01.064 – ident: 357_CR2 – ident: 357_CR13 doi: 10.1145/1739230.1739254 – ident: 357_CR4 doi: 10.1145/1509239.1509275 – volume: 31 start-page: 131 issue: 1/2 year: 2008 ident: 357_CR30 publication-title: Int. J. Comput. Appl. Technol. doi: 10.1504/IJCAT.2008.017725 – ident: 357_CR5 doi: 10.1145/1509239.1509275 – volume: 29 start-page: 38 issue: 2 year: 1996 ident: 357_CR28 publication-title: Computer doi: 10.1109/2.485845 – volume: 10 start-page: 87 issue: 6 year: 2006 ident: 357_CR29 publication-title: IEEE Internet Comput. doi: 10.1109/MIC.2006.116
SSID	ssj0021091
Score	2.1080983
Snippet	The dynamic configuration and evolution of large-scale heterogeneous systems has made the enforcement of security requirements one of the most critical phases...
SourceID	proquest crossref springer
SourceType	Aggregation Database Enrichment Source Index Database Publisher
StartPage	83
SubjectTerms	Access Access control Coding and Information Theory Communications Engineering Computer Communication Networks Computer programming Computer Science Cryptology Deployment Enforcement Frame analysis Management of Computing and Information Systems Modularity Networks Operating Systems Policies Regular Contribution Security Specification
SummonAdditionalLinks	– databaseName: SpringerLINK Contemporary 1997-Present dbid: RSV link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LSwMxEB60evBifWK1Sg6elMA-k-yxFIunIvigtyWbzGpBVulWf7-ZfbRVVNDDnnY2LJPHfJN5fADnnvGiLBOau0fzSOc-TywiDzCUJhPUUFxVZBNyPFaTSXLT1HGXbbZ7G5KsTuqVYregSpN0HnAYSy7WYSOmZjPkot8-LLws6nRJXpYz1c7LEkEbyvxuiM_GaIkwvwRFK1sz6v7rL3dgu4GWbFCvhV1Yw2IPui1tA2t28T4MB-ZpinSRwGzNR--QOJsWrGy47BgxNzjpkiEVK5nqBpFRhvwj01VpZnkA96Oru-E1b7gUuAl9MedKGO3ORB3FJvdsbJFMv6f9xEovc5OCuY58izK2Di_4SvsSTWyttEmgUQobHkKneCnwCFjgu3EcblKYKKq3SrQOUYVZHgVosyzvgdcqNTVNo3Hiu3hOly2SSUkpJZeRklLRg4vFJ691l43fhPvtTKXNhitTykMMPAem_B5ctjOz8vqnwY7_JH0CWw4wqTpruw-d-ewNT2HTvM-n5eysWocf1CXXmg priority: 102 providerName: Springer Nature
Title	Achieving dynamicity in security policies enforcement using aspects
URI	https://link.springer.com/article/10.1007/s10207-016-0357-6 https://www.proquest.com/docview/1993208461
Volume	17
WOSCitedRecordID	wos000422991300005&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
journalDatabaseRights	– providerCode: PRVAVX databaseName: SpringerLINK Contemporary 1997-Present customDbUrl: eissn: 1615-5270 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0021091 issn: 1615-5262 databaseCode: RSV dateStart: 20010801 isFulltext: true titleUrlDefault: https://link.springer.com/search?facet-content-type=%22Journal%22 providerName: Springer Nature
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1JS8QwFH64Hby4i-NGDp6UYNMt7Ul0UARxHPflUtIk1QEZl47-ft9rU0cFvXjog9I0lL4kb38fwIanvTDPY8XxUjxUheCpsZb7NpA6j6mheFKBTchOJ7m5SbvO4Va6tMrmTKwOavOkyUe-TYlmvofSUuw8v3BCjaLoqoPQGIVxFNQRIRjI69tPg4uaXpLBhVIbDa7Yb6KademcXyVdoj0dRJLH3-XSUNn8ER-txM7B9H8_eAamnMLJdusVMgsjtj8H0w2YA3N7ex7au_qhZ8m9wEyNUo_6Oev1WekQ7hjhOeDoklkqYdKVX5FR3vw9U1XBZrkAlwf7F-1D7hAWuA5EPOBJrBWelCqMdOGZyFhSCDwlUiO9HFllCxUKY2VkUIsQiRLS6sgYaVJfWRmbYBHG-k99uwTMFzgPalOJTROqwkqVCmwS5EXoW5PnRQu85v9m2rUfJxSMx2zYOJlYklHKGbEki1uw-fnKc91746_Bqw0bMrcNy2zIgxZsNYz88vi3yZb_nmwFJlFvSurk7VUYG7y-2TWY0O-DXvm6Xq3BdRjf2-90z_DuSHKkx167oidExSnSbnSH9Oz86gOtHOmz
linkProvider	ProQuest
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1JS-xAEC7cQC-uTxy31we9KM1Ld_aDiLigqIOCgrfY6a7ogGbUjIp_yt9oVxZHBb15eIec0imSrkptXVUfwIqjHS9NA8XtpbinMsFjg8gluqFOAxooHpVgE2G7HV1cxCcD8Nr0wlBZZaMTS0Vtuppy5P-o0Ew61lqKzbt7TqhRdLraQGhUYnGIL882ZCs2DnYsf1el3Ns9297nNaoA164IejwKtLLaQXm-zhzjGyQj6CgRm9BJ7ethpjxhMPSNtZwiUiJE7RsTmlgqDAPjWrqDMExz9aiE7Ficvgd4NGSTAjzrJdgAL5DNKWrVqifLIk8bv7t-yIPPdrDv3H45jy3N3N7E_7ZBkzBeO9Rsq_oDpmAA82mYaMAqWK27ZmB7S193kNInzLzk6rajbfzBOjkragQ_RngVdnXBkFq0dJk3ZdQXcMVU2ZBa_IHzX_mUWRjKuznOAZPC0rHeYoRxRF1msVIuRm6aeRJNmmYtcBp-Jroer04oHzdJfzA0iUBCJXUkAknQgrX3R-6q2SI_LV5s2J7UaqZI-jxvwXojOB9uf0ds_mdif2F0_-z4KDk6aB8uwJj1EaOqUH0RhnoPj7gEI_qp1ykelkv5Z3D52_L0BoDiQQU
linkToPdf	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1LT9wwEB7RBVVcoLRFLIXWh_bSyiJxHk4OCPFagahWK9RK3FLHnrQrQXhkAfHX-uuYyYOllcqNQw85xRkl8XhmPntmPoCPnvXCPI-NpMvI0BS-TB2iVBhom8fcUDypySb0cJicnKSjGfjd1cJwWmVnE2tD7c4t75FvcKKZ8shb-htFmxYx2htsXVxKZpDik9aOTqNRkSO8uyX4Vm0e7tFcf1JqsP9t90C2DAPSBn48kUlsDVkKE0a28FzkkB2iZ_zUaS-nV8XChL5DHTnyon5ifI02ck67VBnUsQtI7guY1QGBnh7M7uwPR8cPcI9bbjLco5iB4F6sujPVpnBP1SmfhOaDSMv4T684DXX_Op2tnd5g8X_-Xa9goQ21xXazNpZgBsvXsNjRWIjWqr2B3W37a4y8sSLcXWnOxpaQiRiXomq5_QQzWdDoSiAXb9l6R1VwxcBPYepS1eotfH-WT1mGXnle4goI5ZMciiMTTBOuP0uNCTAJ8iJU6PK86IPXzW1m28brzP9xmk1bRrM6ZJxsx-qQxX34_PDIRdN15KnBa50KZK0BqrLp_PfhS6dEj27_S9jq08I-wEtSo-zr4fDoHcxT8Jg0Gexr0JtcXeM6zNmbybi6et8uBgE_nluh7gFmD0se
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Achieving+dynamicity+in+security+policies+enforcement+using+aspects&rft.jtitle=International+journal+of+information+security&rft.au=Ayed%2C+Samiha&rft.au=Idrees%2C+Muhammad+Sabir&rft.au=Cuppens%2C+Nora&rft.au=Cuppens%2C+Frederic&rft.date=2018-02-01&rft.issn=1615-5262&rft.eissn=1615-5270&rft.volume=17&rft.issue=1&rft.spage=83&rft.epage=103&rft_id=info:doi/10.1007%2Fs10207-016-0357-6&rft.externalDBID=n%2Fa&rft.externalDocID=10_1007_s10207_016_0357_6
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1615-5262&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1615-5262&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1615-5262&client=summon