TY - GEN
T1 - Ontology-based policy anomaly management for autonomic computing
AU - Hu, Hongxin
AU - Ahn, Gail-Joon
AU - Kulkarni, Ketan
N1 - Copyright:
Copyright 2012 Elsevier B.V., All rights reserved.
PY - 2011
Y1 - 2011
N2 - The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.
AB - The advent of emerging computing technologies such as service-oriented architecture and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Moreover, designing and managing different types of policies collaboratively in such a computing environment are critical but often error prone due to the complex nature of policies as well as the lack of effective analysis mechanisms and corresponding tools. In particular, existing mechanisms and tools for policy management adopt different approaches for different types of policies. In this work, we propose a unified framework to facilitate collaborative policy analysis and management for different types of policies, focusing on policy anomaly detection and resolution. Our generic approach captures the common semantics and structure of different types of access control policies with the notion of policy ontology. We also discuss a proof-of-concept implementation of our proposed framework and demonstrate how efficiently our approach can discover and resolve anomalies for different types of policies.
KW - Ontology
KW - autonomic computing
KW - policy anomaly analysis
UR - http://www.scopus.com/inward/record.url?scp=84857620292&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84857620292&partnerID=8YFLogxK
U2 - 10.4108/icst.collaboratecom.2011.247119
DO - 10.4108/icst.collaboratecom.2011.247119
M3 - Conference contribution
AN - SCOPUS:84857620292
SN - 9781936968367
T3 - ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing
SP - 487
EP - 494
BT - ColiaborateCom 2011 - Proceedings of the 7th International Conference on Collaborative Computing
T2 - 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, ColiaborateCom 2011
Y2 - 15 October 2011 through 18 October 2011
ER -