This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Discovery and Resolution of Anomalies in Web Access Control Policies
Nov.-Dec. 2013 (vol. 10 no. 6)
pp. 341-354
Hongxin Hu, Dept. of Comput. & Inf. Sci., Delaware State Univ., Dover, DE, USA
Gail-Joon Ahn, Security Eng. for Future Comput. Lab., Arizona State Univ., Tempe, AZ, USA
Ketan Kulkarni, NVIDIA, Sunnyvale, CA, USA
Emerging computing technologies such as web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services while providing more convenient services to Internet users through such a cutting-edge technological growth. Furthermore, designing and managing web access control policies are often error-prone due to the lack of effective analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly analysis approach for web access control policies, focusing on extensible access control markup language policy. We introduce a policy-based segmentation technique to accurately identify policy anomalies and derive effective anomaly resolutions, along with an intuitive visualization representation of analysis results. We also discuss a proof-of-concept implementation of our method called XAnalyzer and demonstrate how our approach can efficiently discover and resolve policy anomalies.
Index Terms:
Web services,authorisation,business data processing,cloud computing,data visualisation,service-oriented architecture,unauthorized actions,anomaly resolution,anomaly discovery,Web access control policies,Web services,service-oriented architecture,cloud computing,business services,unintended security leakages,cutting-edge technological growth,analysis mechanisms,policy anomaly analysis approach,extensible access control markup language policy,policy-based segmentation technique,visualization representation,proof-of-concept implementation,XAnalyzer,Data structures,Authorization,Boolean functions,Algorithm design and analysis,Access control,Web services,Knowledge discovery,discovery and resolution,Access control policies,XACML,conflict,redundancy
Citation:
Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni, "Discovery and Resolution of Anomalies in Web Access Control Policies," IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 6, pp. 341-354, Nov.-Dec. 2013, doi:10.1109/TDSC.2013.18
Usage of this product signifies your acceptance of the Terms of Use.