Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux
{"title":"基于本体的日志内容提取引擎,用于事后访问控制","authors":"Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux","doi":"10.1504/IJKL.2014.067149","DOIUrl":null,"url":null,"abstract":"In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.","PeriodicalId":163161,"journal":{"name":"Int. J. Knowl. Learn.","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Log content extraction engine based on ontology for the purpose of a posteriori access control\",\"authors\":\"Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux\",\"doi\":\"10.1504/IJKL.2014.067149\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.\",\"PeriodicalId\":163161,\"journal\":{\"name\":\"Int. J. Knowl. Learn.\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Knowl. Learn.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJKL.2014.067149\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Knowl. Learn.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJKL.2014.067149","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Log content extraction engine based on ontology for the purpose of a posteriori access control
In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
