eGovernment service security policy: obligation conflict resolution in XACMLv3
نویسندگان
چکیده
Today, many governments tend to propose e-services to their citizens. However, implementing an eGovernment environment shall face up to several security challenges including integrating security requirements coming from multiple stakeholders. In this article, we analyze the conflicts that can occur between eGovernment security requirements. Since these security requirements can contain both authorizations and obligations, we cover these two aspects. Then, we propose a new conflict resolution algorithm that handles conflicts between authorizations as well as obligations. This work has been implemented in XACMLv3. Keywords— eGovernment; Access control; Obligations; conflict; XACMLv3
منابع مشابه
Security of eGovernment Systems
The project ‘Security of eGovernment systems’ aimed at assisting policymakers in discerning policy options for meeting future challenges in securing eGovernment systems. The project focused on upcoming challenges of eGovernment security in delivering public services across borders. Through identifying key security barriers and enablers, the project points to promising avenues of policy developm...
متن کاملJames Bond and Global Health Diplomacy
In the 21st Century, distinctions and boundaries between global health, international politics, and the broader interests of the global community are harder to define and enforce than ever before. As a result, global health workers, leaders, and institutions face pressing questions around the nature and extent of their involvement with non-health endeavors, including international conflict reso...
متن کاملeGovernment & Internet Security: Some Technical and Policy Considerations
The purpose of the present essay is to discuss some technical and policy considerations of Internet security in the context of electronic government applications. The initial sections of the paper are oriented to describe the main security concerns, their relative importance in different categories of eGovernment applications, and some of the current security technologies. In the final sections...
متن کاملEnforcing Obligation with Security Monitors
With the ubiquitous deployment of large scale networks more and more complex human interactions are supported by computer applications. This poses new challenges on the expressiveness of security policy design systems, often requiring the use of new security paradigms. In this paper we identify a restricted type of obligation which is useful to express new security policies. This type of obliga...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016