Title :
Conflict detection in security policies using Semantic Web technology
Author :
Neri, M.A. ; Guarnieri, Massimo ; Magri, Eros ; Mutti, Sammy ; Paraboschi, Stefano
Author_Institution :
Dipt. di Ing. dell´Inf. e Metodi Matematici, Univ. degli Studi di Bergamo, Bergamo, Italy
Abstract :
The design of efficient and effective techniques for security policy analysis is a crucial open problem in modern information systems. Significant attention has been dedicated in the past to the use of logical tools for the analysis of security policies, but this work has produced a limited impact on enterprise information systems. Important reasons of the limited success of past research were the difficult integration of these approaches with the technological scenario and the limited scalability of many proposals. Nowadays Semantic Web tools are increasingly used in modern information systems. We show how the tools provided by Semantic Web and ontology management technologies offer an adequate basis for the realization of techniques able to support conflict analysis in security policies. Based on the use of these techniques, we propose a solution for two different variants of conflict analysis: (a) Policy Incompatibility, and (b) Separation of Duty Satisfiability. Experiments that test the techniques on large security policies demonstrate the scalability of the approach.
Keywords :
information systems; ontologies (artificial intelligence); security of data; semantic Web; conflict detection; duty satisfiability separation; enterprise information systems; information systems; logical tools; ontology management technology; policy incompatibility; security policy analysis; semantic Web technology; Authorization; Information systems; Ontologies; Prototypes; Semantic Web;
Conference_Titel :
Satellite Telecommunications (ESTEL), 2012 IEEE First AESS European Conference on
Conference_Location :
Rome
Print_ISBN :
978-1-4673-4687-0
Electronic_ISBN :
978-1-4673-4686-3
DOI :
10.1109/ESTEL.2012.6400092
