Semantic Matching of Security Policies to Support Security Experts

Management of security policies has become increasingly difficult given the number of domains to manage, taken into consideration their extent and their complexity. Security experts has to deal with a variety of frameworks and specification languages used in different domains that may belong to any Cloud Computing or Distributed Systems. This wealth of frameworks and languages make the management task and the interpretation of the security policies so difficult. Each approach provides its own conflict management method or tool, the security expert will be forced to manage all these tools, which makes the field maintenance and time consuming expensive. In order to hide this complexity and to facilitate some security experts tasks and automate the others, we propose a security policies aligning based on ontologies process; this process enables to detect and resolve security policies conflicts and to support security experts in managing tasks.

[1]  Dimitris Gritzalis,et al.  Towards an Ontology-based Security Management , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[2]  Jeffrey M. Bradshaw,et al.  KAoS policy management for semantic Web services , 2004, IEEE Intelligent Systems.

[3]  Deborah L. McGuinness,et al.  OWL Web ontology language overview , 2004 .

[4]  Ingo J. Timm,et al.  Terminology Integration for the Management of distributed Information Resources , 2002, Künstliche Intell..

[5]  Timothy W. Finin,et al.  A policy language for a pervasive computing environment , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[6]  Brett Benyo,et al.  Representation and reasoning for DAML-based policy and domain services in KAoS and nomads , 2003, AAMAS '03.

[7]  Morris Sloman,et al.  Policy driven management for distributed systems , 1994, Journal of Network and Systems Management.

[8]  Alessandra Russo,et al.  Using event calculus to formalise policy specification and analysis , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[9]  B. Jennings,et al.  A Model Based Approach for Policy Tool Generation and Policy Analysis , 2007, 2007 First International Global Information Infrastructure Symposium.

[10]  Jorge Lobo,et al.  Toward a Formal Characterization of Policy Specification & Analysis , 2007 .

[11]  F. Fürst,et al.  Contribution à l'ingénierie des ontologies : une méthode et un outil d'opérationalisation , 2004 .

[12]  Marianne Winslett,et al.  Ontology-Based Policy Specification and Management , 2005, ESWC.

[14]  Emil C. Lupu,et al.  The Ponder Policy Specification Language , 2001, POLICY.

[15]  Jeffrey M. Bradshaw,et al.  KAoS policy and domain services: toward a description-logic approach to policy representation, deconfliction, and enforcement , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[16]  Kyatham Suresh Indrajit. Semantic matching of web services. , 2012 .

[17]  Emil C. Lupu,et al.  Ponder: A Language for Specifying Security and Management Policies for Distributed Systems , 2000 .

[18]  Jérôme Euzenat,et al.  A Survey of Schema-Based Matching Approaches , 2005, J. Data Semant..

[19]  Jean-Guy Schneider,et al.  A Survey of Policy-Based Management Approaches for Service Oriented Systems , 2008 .

[20]  Jeffrey M. Bradshaw,et al.  Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KAoS, Rei, and Ponder , 2003, SEMWEB.

[21]  Mohamed Ben Ahmed,et al.  Enrichissement d'ontologie par une base générique minimale de règles associatives - application aux maladies neurologies : les dystonies , 2010, CORIA.

[22]  Mohamed Eltoweissy,et al.  Goal-Oriented Software Security Engineering: The Electronic Smart Card Case Study , 2009, 2009 International Conference on Computational Science and Engineering.

[23]  Lalana Kagal Rei : A Policy Language for the Me-Centric Project , 2002 .

[24]  Lalana Kagal,et al.  Policy-based Access Control for Task Computing Using Rei , 2005 .

[25]  Chantal Reynaud,et al.  Alignement d'ontologies basé sur des ressources complémentaires Illustration sur le système TaxoMap , 2009, Tech. Sci. Informatiques.

[26]  Abderrahim Sekkaki,et al.  An Ontology-Based Method for Semantic Integration of Business Components , 2011, 2011 11th Annual International Conference on New Technologies of Distributed Systems.

[27]  Kunal Verma,et al.  Semantic Matching of Web Service Policies , 2005, SDWP@ICWS.