Ontology-based policy anomaly management for autonomic computing

Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni

Research output: Chapter in Book/Report/Conference proceedingConference contribution

15 Citations (Scopus)

Abstract

The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.

Original languageEnglish (US)
Title of host publicationColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing
Pages487-494
Number of pages8
DOIs
StatePublished - 2011
Event7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, ColiaborateCom 2011 - Orlando, FL, United States
Duration: Oct 15 2011Oct 18 2011

Other

Other7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, ColiaborateCom 2011
CountryUnited States
CityOrlando, FL
Period10/15/1110/18/11

Fingerprint

Ontology
Service oriented architecture (SOA)
Cloud computing
Access control
Industry
Semantics

Keywords

  • autonomic computing
  • Ontology
  • policy anomaly analysis

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Hu, H., Ahn, G-J., & Kulkarni, K. (2011). Ontology-based policy anomaly management for autonomic computing. In ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (pp. 487-494). [6144770] https://doi.org/10.4108/icst.collaboratecom.2011.247119

Ontology-based policy anomaly management for autonomic computing. / Hu, Hongxin; Ahn, Gail-Joon; Kulkarni, Ketan.

ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing. 2011. p. 487-494 6144770.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Hu, H, Ahn, G-J & Kulkarni, K 2011, Ontology-based policy anomaly management for autonomic computing. in ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing., 6144770, pp. 487-494, 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, ColiaborateCom 2011, Orlando, FL, United States, 10/15/11. https://doi.org/10.4108/icst.collaboratecom.2011.247119
Hu H, Ahn G-J, Kulkarni K. Ontology-based policy anomaly management for autonomic computing. In ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing. 2011. p. 487-494. 6144770 https://doi.org/10.4108/icst.collaboratecom.2011.247119
Hu, Hongxin ; Ahn, Gail-Joon ; Kulkarni, Ketan. / Ontology-based policy anomaly management for autonomic computing. ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing. 2011. pp. 487-494
@inproceedings{27ca9694bd934ee88a72e05d9dd9678a,
title = "Ontology-based policy anomaly management for autonomic computing",
abstract = "The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.",
keywords = "autonomic computing, Ontology, policy anomaly analysis",
author = "Hongxin Hu and Gail-Joon Ahn and Ketan Kulkarni",
year = "2011",
doi = "10.4108/icst.collaboratecom.2011.247119",
language = "English (US)",
isbn = "9781936968367",
pages = "487--494",
booktitle = "ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing",

}

TY - GEN

T1 - Ontology-based policy anomaly management for autonomic computing

AU - Hu, Hongxin

AU - Ahn, Gail-Joon

AU - Kulkarni, Ketan

PY - 2011

Y1 - 2011

N2 - The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.

AB - The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.

KW - autonomic computing

KW - Ontology

KW - policy anomaly analysis

UR - http://www.scopus.com/inward/record.url?scp=84857620292&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84857620292&partnerID=8YFLogxK

U2 - 10.4108/icst.collaboratecom.2011.247119

DO - 10.4108/icst.collaboratecom.2011.247119

M3 - Conference contribution

SN - 9781936968367

SP - 487

EP - 494

BT - ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing

ER -