Clustering-based Approach for Anomaly Detection in XACML Policies

Maryem Ait El Hadj; Meryeme Ayache; Yahya Benkaouz; Ahmed Khoumsi; Mohammed Erradi

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Clustering-based Approach for Anomaly Detection in XACML Policies

Topics: Access Control; Security and Privacy Policies; Security in Distributed Systems

In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 0ICETE, 548-553, 2017 , Madrid, Spain

Authors: Maryem Ait El Hadj ¹ ; Meryeme Ayache ¹ ; Yahya Benkaouz ² ; Ahmed Khoumsi ³ and Mohammed Erradi ¹

Affiliations: ¹ NDSR Group, ENSIAS and Mohammed V University in Rabat, Morocco ; ² Conception and Systems Laboratory, FSR and Mohammed V University in Rabat, Morocco ; ³ University of Sherbrooke, Canada

Keyword(s): ABAC, XACML Policies, Clustering, Similarity Computation, Anomaly Detection.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Security and Privacy Policies ; Security in Distributed Systems ; Web Information Systems and Technologies

Abstract: The development of distributed applications arises multiple security issues such as access control. Attribute-Based Access Control has been proposed as a generic access control model, which provides more flexibility and promotes information and security sharing. eXtensible Access Control Markup Language (XACML) is the most convenient way to express ABAC policies. However, in distributed environments, XACML policies become more complex and hard to manage. In fact, an XACML policy in distributed applications may be aggregated from multiple parties and can be managed by more than one administrator. Therefore, it may contain several anomalies such as conflicts and redundancies, which may affect the performance of the policy execution. In this paper, we propose an anomaly detection method based on the decomposition of a policy into clusters before searching anomalies within each cluster. Our evaluation results demonstrate the efficiency of the suggested approach.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.222.166.151

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Ait El Hadj, M.; Ayache, M.; Benkaouz, Y.; Khoumsi, A. and Erradi, M. (2017). Clustering-based Approach for Anomaly Detection in XACML Policies. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 548-553. DOI: 10.5220/0006471205480553

@conference{secrypt17,
author={Maryem {Ait El Hadj}. and Meryeme Ayache. and Yahya Benkaouz. and Ahmed Khoumsi. and Mohammed Erradi.},
title={Clustering-based Approach for Anomaly Detection in XACML Policies},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={548-553},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006471205480553},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - Clustering-based Approach for Anomaly Detection in XACML Policies
SN - 978-989-758-259-2
IS - 2184-3236
AU - Ait El Hadj, M.
AU - Ayache, M.
AU - Benkaouz, Y.
AU - Khoumsi, A.
AU - Erradi, M.
PY - 2017
SP - 548
EP - 553
DO - 10.5220/0006471205480553
PB - SciTePress