Access Policy Consolidation for Event Processing Systems

Author

Schilling, Ben ; Koldehofe, Boris ; Rotherme, K. ; Ramachandran, U.

Author_Institution

Inst. for Parallel & Distrib. Syst., Univ. Stuttgart, Stuttgart, Germany

fYear

2013

fDate

11-15 March 2013

Firstpage

92

Lastpage

101

Abstract

Current event processing systems lack methods to preserve privacy constraints of incoming event streams in a chain of subsequently applied stream operations. This is a problem in large-scale distributed applications like a logistic chain where event processing operators may be spread over multiple security domains. An adversary can infer from legally received outgoing event streams confidential input streams of the event processing system. This paper presents a fine-grained access management for complex event processing. Each incoming event stream can be protected by the specification of an access policy and is enforced by algorithms for access consolidation. The utility of the event processing system is increased by providing and computing in a scalable manner a measure for the obfuscation of event streams. An obfuscation threshold as part of the access policy allows to ignore access requirements and deliver events which have achieved a sufficient high obfuscation level.

Keywords

authorisation; data privacy; access policy consolidation; access policy specification; complex event processing system; distributed application; event stream protection; fine grained access management; obfuscation threshold; privacy constraint preservation; security domain; Access control; Bayes methods; Companies; Correlation; Logistics; Access control; Event Processing; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Networked Systems (NetSys), 2013 Conference on

Conference_Location

Stuttgart

Print_ISBN

978-1-4673-5645-9

Electronic_ISBN

978-0-7695-4950-7

Type

conf

DOI

10.1109/NetSys.2013.18

Filename

6529241