Konferenzbeitrag
Aligning ABAC policies with information security policies using controlled vocabulary
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2016
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
Attribute-based Access Control (ABAC) policies are based on mutually processable policy attributes. Assigned permissions in such policies need to be reflected or combined with organisational constraints. Best practice in information security dictates having the operational need to access a particular information artifact independent from the function of the specific application systems. Consequently, any policy regulating the behaviour towards information access must adhere to a minimum degree of mutual semantic expressiveness to be combined and processed with the matching ABAC policy. We show how to detect policy attribute conflicts between ABAC policies and information access policies by means of controlled vocabulary and Semantic Web technologies.