کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
430697 688122 2014 18 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Self-adaptive federated authorization infrastructures
ترجمه فارسی عنوان
زیرساخت های مجوز فدراسیون خود سازگار
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر نظریه محاسباتی و ریاضیات
چکیده انگلیسی


• Definition and design of a self-adaptive authorization infrastructure.
• Utilizes an autonomic controller implementing a MAPE-K feedback loop.
• Identifies and responds to malicious user behavior.
• Demonstrates the active adaptation of user credentials and authorization policies.
• Implemented in a SAML federation using PERMIS authorization policies.

Authorization infrastructures are an integral part of any network where resources need to be protected. As networks expand and organizations start to federate access to their resources, authorization infrastructures become increasingly difficult to manage. In this paper, we explore the automatic adaptation of authorization assets (policies and subject access rights) in order to manage federated authorization infrastructures. We demonstrate adaptation through a Self-Adaptive Authorization Framework (SAAF) controller that is capable of managing policy based federated role/attribute access control authorization infrastructures. The SAAF controller implements a feedback loop to monitor the authorization infrastructure in terms of authorization assets and subject behavior, analyze potential adaptations for handling malicious behavior, and act upon authorization assets to control future authorization decisions. We evaluate a prototype of the SAAF controller by simulating malicious behavior within a deployed federated authorization infrastructure (federation), demonstrating the escalation of adaptation, along with a comparison of SAAF to current technology.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Journal of Computer and System Sciences - Volume 80, Issue 5, August 2014, Pages 935–952
نویسندگان
, , ,