A Risk Calculus Extension to the XACML Language

Jhonatan Alves; Carla Merkle Westphall; Gustavo Roecker Schmitt

doi:10.5753/sbsi.2016.5978

Jhonatan Alves Federal University of Santa Catarina
Carla Merkle Westphall Federal University of Santa Catarina
Gustavo Roecker Schmitt Federal University of Santa Catarina

DOI: https://doi.org/10.5753/sbsi.2016.5978

Resumo

The increase of dynamic cloud computing environments introduces the need for new ways of access control in applications. One access control model which adapts flexibly to such systems on the Internet is the RAdAC (Risk-Adaptive Access Control). This model is based on the user confidence degree and the risk of releasing access to some information taking into account the context in which a request is performed. However, in practice, to use such model it is necessary to implement a technological support as, for example, extending the access control architecture present in the XACML (eXtensible Access Control Markup Language). This paper extends the XACML access control architecture to support the RAdAC model providing a quantitative, concrete and dynamic risk calculus in order to improve the access control in cloud environments. A prototype was developed in Amazon EC2 cloud environment to perform dynamic access control policies using the proposed XACML extension. Some risk calculus tests are described in the paper to exemplify the RAdAC decisions.

Palavras-chave: XACML, RAdAC, Risk Calculus, Cloud Computing

Referências

Abbott, R. J. 1983. Program design by informal English descriptions. Communications of the ACM, 26(11), 882-894.

Bezerra, E. 2006. Princípios De Análise E Projeto De Sistemas Com Uml-3ª Edição (Vol. 3). Elsevier Brasil.

Dias, F., Morgado, G., Oscar, P., da Silveira, D. S., Alencar, A. J., Lima, P., & Schmitz, E. A. 2006. Uma Abordagem para a Transformação Automática do Modelo de Negócio em Modelo de Requisitos. In WER (pp. 51-60).

Freitas, C., Rocha, P., & Bick, E. 2008. Floresta sintá (c) tica: bigger, thicker and easier. In Computational Processing of the Portuguese Language (pp. 216-219). Springer Berlin Heidelberg.

Herchi, H., Abdessalem, W. B. 2012. From user requirements to UML class diagram. International Conference on Computer Related Knowledge.

International Organization for Standardization, ISO/IEC/IEEE 29148:2011 - Systems and software Engineering — Life cycle processes — Requirements Engineering,” ISO/IEC/IEEE, Nov. 2011.

Larman, C. 2007. Utilizando UML e padrões: uma introdução à análise e ao projeto orientados a objetos e ao desenvolvimento iterativo. Bookman.

Mala, G. A., & Uma, G. V. 2006. Automatic construction of object oriented design models [UML diagrams] from natural language requirements specification. In PRICAI 2006: Trends in Artificial Intelligence (pp. 1155-1159).
Springer Berlin Heidelberg.

Mioto, C. 2009. Sintaxe do Português. LLC/CCE/UFSC.

Mioto, C., Silva, M., Lopes R. 2000. Manual de Sintaxe. Insular.

Omar, N., Hanna, J. R. P., & McKevitt, P. 2004. Heuristicbased entity-relationship modelling through natural language processing. In Artificial Intelligence and Cognitive Science Conference (AICS) (pp. 302-313).

OMG. 2005. Unified Modeling Language UML Version 2.5..

Pressman, R. S. 2011. Engenharia de Software: Uma abordagem profissional. AMGH.

Russel, S., Norvig, P. 2004. Inteligência Artificial. Elsevier.

da Silva, W. C., & Martins, L. E. G. 2008. PARADIGMA: Uma Ferramenta de Apoio à Elicitação e Modelagem de Requisitos Baseada em Processamento de Linguagem Natural. WER, 8, 140-151.

Shalloway, A., Trott, J. R. 2004. Explicando padrões de projeto: uma nova perspectiva em projeto orientado a objeto. Bookman.

Sommerville, I. 2011. Engenharia de Software. Prentice Hall.