Verfügbarkeit: Security policies in pervasive systems

Security policies in pervasive systems: design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Schütte, Julian Hendrik (VerfasserIn)
Format:	Abschlussarbeit Buch
Sprache:	English
Veröffentlicht:	2013
Schlagworte:	Hochschulschrift
Online-Zugang:	Volltext https://nbn-resolving.org/urn:nbn:de:bvb:91-diss-20130813-1128393-0-4 Inhaltsverzeichnis
Beschreibung:	210 S. graph. Darst.

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV041266270
003	DE-604
005	20140204
007	t
008	130911s2013 d\|\|\| m\|\|\| 00\|\|\| eng d
035			\|a (OCoLC)859395959
035			\|a (DE-599)BVBBV041266270
040			\|a DE-604 \|b ger \|e rakwb
041	0		\|a eng
049			\|a DE-384 \|a DE-473 \|a DE-703 \|a DE-1051 \|a DE-824 \|a DE-29 \|a DE-12 \|a DE-91 \|a DE-19 \|a DE-1049 \|a DE-92 \|a DE-739 \|a DE-898 \|a DE-355 \|a DE-706 \|a DE-20 \|a DE-1102 \|a DE-91G
082	0		\|a 005.8 \|2 22//ger
084			\|a DAT 460d \|2 stub
084			\|a DAT 050d \|2 stub
100	1		\|a Schütte, Julian Hendrik \|e Verfasser \|4 aut
245	1	0	\|a Security policies in pervasive systems \|b design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems \|c Julian Hendrik Schütte
264		1	\|c 2013
300			\|a 210 S. \|b graph. Darst.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
502			\|a München, Techn. Univ., Diss., 2013
655		7	\|0 (DE-588)4113937-9 \|a Hochschulschrift \|2 gnd-content
776	0	8	\|i Erscheint auch als \|n Online-Ausgabe \|o urn:nbn:de:bvb:91-diss-20130813-1128393-0-4
856	4	1	\|u http://mediatum.ub.tum.de/node?id=1128393 \|x Verlag \|z kostenfrei \|3 Volltext
856	4		\|u https://nbn-resolving.org/urn:nbn:de:bvb:91-diss-20130813-1128393-0-4 \|x Resolving-System
856	4	2	\|m DNB Datenaustausch \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026239978&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
912			\|a ebook
999			\|a oai:aleph.bib-bvb.de:BVB01-026239978

Datensatz im Suchindex

_version_	1804150729299984384
adam_text	IMAGE 1 CONTENTS LIST OF FIGURES XIII LIST OF TABLES XV 1 INTRODUCTION 17 1.1 PROBLEM STATEMENT AND MOTIVATION OF THIS THESIS 18 1.2 CONTRIBUTION OF THIS THESIS 21 1.3 ORGANISATION OF THIS THESIS 23 2 BACKGROUND 25 2.1 DISTRIBUTED PERVASIVE SYSTEMS 25 2.1.1 DISTRIBUTED SYSTEM ARCHITECTURES 25 2.1.2 CHARACTERISTICS OF PERVASIVE SYSTEMS APPLICATIONS 28 2.2 SEMANTIC WEB TECHNOLOGIES 30 2.2.1 DESCRIPTION LOGICS 30 2.2.2 COMMON REASONING SERVICES 32 2.2.3 REPRESENTATION LANGUAGES 33 3 STATE OF THE ART IN SECURITY POLICY FRAMEWORKS 37 3.1 STANDARDISATION EFFORTS 37 3.2 FRAMEWORKS WITH A FOCUS ON SEMANTICS 39 3.2.1 PROTUNE 39 3.2.2 REIN 40 3.2.3 KAOS 41 3.2.4 SICARI 42 3.3 FRAMEWORKS WITH A FOCUS ON SCALABILITY AND EXTENSIBILITY 42 3.3.1 CASSANDRA 42 3.3.2 OPL (ORKA POLICY LANGUAGE) 43 3.3.3 XACML 44 HTTP://D-NB.INFO/1042925860 IMAGE 2 X CONTENTS 3.4 FRAMEWORKS WITH A FOCUS ON EASY INTEGRATION INTO PERVASIVE SYSTEMS 45 3.4.1 PROTEUS 45 3.4.2 PONDER2 46 3.4.3 IBM POLICY MANAGEMENT LIBRARY 48 3.5 SUMMARY AND IDENTIFICATION OF GAPS 49 4 TOWARDS AN EXTENSIBLE POLICY FRAMEWORK FOR PERVASIVE SYSTEMS 51 4.1 REQUIREMENTS 51 4.1.1 INTEGRATION INTO THE UNDERLYING MIDDLEWARE 51 4.1.2 CONTROLLING THE SECURITY OF PERVASIVE SYSTEMS APPLICATIONS 52 4.1.3 HANDLING MULTIPLE POLICY DOMAINS 54 4.1.4 EXTENSIBILITY 54 4.1.5 POLICY COMPREHENSION AND CONSISTENCY 55 4.1.6 NON-FUNCTIONAL REQUIREMENTS 56 4.2 OVERVIEW OF THE APPROACH 56 4.2.1 FRAMEWORK ARCHITECTURE 56 4.2.2 POLICY MODELS 57 4.2.3 CROSS-DOMAIN POLICY HANDLING 58 4.2.4 EXTENSIBILITY AND ANALYSABILITY 58 5 CORE POLICY MODEL AND MECHANISMS 61 5.1 POLICY ENCODING 62 5.1.1 PROPRIETARY REPRESENTATIONS 62 5.1.2 DESCRIPTION LOGICS 63 5.1.3 LOGIC PROGRAMS 64 5.1.4 CONCLUSION AND CHOICE OF ENCODING 65 5.2 POLICY DECISION PROCESS 68 5.3 BASIC AUTHORISATION POLICIES 70 5.3.1 MODELLING RULES 71 5.3.2 PUTTING RULES IN ORDER 71 5.3.3 DEFINING POLICIES IN THE ABAC MODEL 73 5.3.4 EVALUATION OF ACCESS REQUESTS 73 5.3.5 DISCUSSION 74 5.4 REACTIVE POLICIES 74 5.4.1 MODELLING EVENTS 76 5.4.2 MODELLING CONDITIONS 79 5.4.3 MODELLING ACTIONS 80 5.4.4 DISCUSSION 82 5.5 METAPOLICIES FOR CONFLICT HANDLING 84 5.5.1 RELATED WORK 85 5.5.2 BASIC METAPOLICY MODEL 86 5.5.3 EVALUATION OF METAPOLICIES 88 5.6 CONSTRAINT CHECKING 92 IMAGE 3 CONTENTS XI 5.7 SUMMARY 95 6 FRAMEWORK BUILDING BLOCKS AND SOFTWARE ARCHITECTURE 99 6.1 PREREQUISITES 99 6.2 OVERVIEW 101 6.3 ARCHITECTURE 104 6.3.1 POLICY DECISION COMPONENTS 104 6.3.2 POLICY ENFORCEMENT 111 6.3.3 COMMUNICATION LAYER 112 6.3.4 EVENT MECHANISMS 113 6.3.5 SECURITY CONSIDERATIONS 114 6.4 POLICY MODULES 116 6.4.1 EXTENSION POINTS 116 6.4.2 COLLABORATION BETWEEN MODULES 120 6.5 SUMMARY 120 7 APPLICATION TO PERVASIVE SYSTEMS 123 7.1 PROTOTYPE REALISATION 124 7.1.1 OSGI 124 7.1.2 FRAMEWORK COMPONENTS 128 7.1.3 INTEGRATION OF PEPS 129 7.1.4 USER INTERFACES 130 7.2 DYNAMIC ROLE-BASED ACCESS CONTROL 132 7.2.1 MODELLING RBAC IN OWL 133 7.2.2 MODELLING SEPARATION OF DUTY 134 7.2.3 DYNAMIC ROLE ACTIVATION USING ECA POLICIES 135 7.2.4 ANALYSING PROPERTIES OF THE DRBAC MODEL 136 7.2.5 PROTOTYPE EVALUATION 137 7.3 SITUATION-BASED SECURITY 138 7.3.1 OVERVIEW 139 7.3.2 MODEL EXTENSIONS 141 7.3.3 PROTOTYPE 142 7.4 HANDLING CROSS-DOMAIN POLICY CONFLICTS 150 7.4.1 USE CASE 150 7.4.2 POLICY MODEL 151 7.4.3 PROTOTYPE 154 7.5 MULTILATERAL POLICY REFINEMENT AND NEGOTIATION 157 7.5.1 OVERVIEW 158 7.5.2 RELATED WORK 161 7.5.3 POLICY MODEL 162 7.5.4 MICRO-ECONOMIC APPROACH FOR SOLVING THE OPTIMISATION PROBLEM 164 7.5.5 REALISATION OF THE MULTILATERAL NEGOTIATION MODULE 166 7.5.6 PROTOTYPE 171 IMAGE 4 XII CONTENTS 7.6 SUMMARY 171 8 CONCLUSION AND PROSPECTS 175 8.1 DISCUSSION OF REQUIREMENTS 176 8.2 CONTRIBUTIONS TO RESEARCH QUESTIONS 178 8.3 OUTLOOK ON FUTURE RESEARCH 179 8.3.1 FRAMEWORK EXTENSIONS 179 8.3.2 APPLICATIONS TO OTHER AREAS 181 BIBLIOGRAPHY 184 ACRONYMS 201 A DEFEASIBLE LOGIC PROOF THEORY 203 B CODE SNIPPETS 205 C PUBLICATIONS IN THE CONTEXT OF THIS THESIS 207
any_adam_object	1
author	Schütte, Julian Hendrik
author_facet	Schütte, Julian Hendrik
author_role	aut
author_sort	Schütte, Julian Hendrik
author_variant	j h s jh jhs
building	Verbundindex
bvnumber	BV041266270
classification_tum	DAT 460d DAT 050d
collection	ebook
ctrlnum	(OCoLC)859395959 (DE-599)BVBBV041266270
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Thesis Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01663nam a2200361 c 4500</leader><controlfield tag="001">BV041266270</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20140204 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">130911s2013 d\|\|\| m\|\|\| 00\|\|\| eng d</controlfield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)859395959</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BVBBV041266270</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-384</subfield><subfield code="a">DE-473</subfield><subfield code="a">DE-703</subfield><subfield code="a">DE-1051</subfield><subfield code="a">DE-824</subfield><subfield code="a">DE-29</subfield><subfield code="a">DE-12</subfield><subfield code="a">DE-91</subfield><subfield code="a">DE-19</subfield><subfield code="a">DE-1049</subfield><subfield code="a">DE-92</subfield><subfield code="a">DE-739</subfield><subfield code="a">DE-898</subfield><subfield code="a">DE-355</subfield><subfield code="a">DE-706</subfield><subfield code="a">DE-20</subfield><subfield code="a">DE-1102</subfield><subfield code="a">DE-91G</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22//ger</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 460d</subfield><subfield code="2">stub</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">DAT 050d</subfield><subfield code="2">stub</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Schütte, Julian Hendrik</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Security policies in pervasive systems</subfield><subfield code="b">design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems</subfield><subfield code="c">Julian Hendrik Schütte</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2013</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">210 S.</subfield><subfield code="b">graph. Darst.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="502" ind1=" " ind2=" "><subfield code="a">München, Techn. Univ., Diss., 2013</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="0">(DE-588)4113937-9</subfield><subfield code="a">Hochschulschrift</subfield><subfield code="2">gnd-content</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe</subfield><subfield code="o">urn:nbn:de:bvb:91-diss-20130813-1128393-0-4</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">http://mediatum.ub.tum.de/node?id=1128393</subfield><subfield code="x">Verlag</subfield><subfield code="z">kostenfrei</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="4" ind2=" "><subfield code="u">https://nbn-resolving.org/urn:nbn:de:bvb:91-diss-20130813-1128393-0-4</subfield><subfield code="x">Resolving-System</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">DNB Datenaustausch</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026239978&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ebook</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-026239978</subfield></datafield></record></collection>
genre	(DE-588)4113937-9 Hochschulschrift gnd-content
genre_facet	Hochschulschrift
id	DE-604.BV041266270
illustrated	Illustrated
indexdate	2024-07-10T00:43:33Z
institution	BVB
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-026239978
oclc_num	859395959
open_access_boolean	1
owner	DE-384 DE-473 DE-BY-UBG DE-703 DE-1051 DE-824 DE-29 DE-12 DE-91 DE-BY-TUM DE-19 DE-BY-UBM DE-1049 DE-92 DE-739 DE-898 DE-BY-UBR DE-355 DE-BY-UBR DE-706 DE-20 DE-1102 DE-91G DE-BY-TUM
owner_facet	DE-384 DE-473 DE-BY-UBG DE-703 DE-1051 DE-824 DE-29 DE-12 DE-91 DE-BY-TUM DE-19 DE-BY-UBM DE-1049 DE-92 DE-739 DE-898 DE-BY-UBR DE-355 DE-BY-UBR DE-706 DE-20 DE-1102 DE-91G DE-BY-TUM
physical	210 S. graph. Darst.
psigel	ebook
publishDate	2013
publishDateSearch	2013
publishDateSort	2013
record_format	marc
spelling	Schütte, Julian Hendrik Verfasser aut Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems Julian Hendrik Schütte 2013 210 S. graph. Darst. txt rdacontent n rdamedia nc rdacarrier München, Techn. Univ., Diss., 2013 (DE-588)4113937-9 Hochschulschrift gnd-content Erscheint auch als Online-Ausgabe urn:nbn:de:bvb:91-diss-20130813-1128393-0-4 http://mediatum.ub.tum.de/node?id=1128393 Verlag kostenfrei Volltext https://nbn-resolving.org/urn:nbn:de:bvb:91-diss-20130813-1128393-0-4 Resolving-System DNB Datenaustausch application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026239978&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis
spellingShingle	Schütte, Julian Hendrik Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems
subject_GND	(DE-588)4113937-9
title	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems
title_auth	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems
title_exact_search	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems
title_full	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems Julian Hendrik Schütte
title_fullStr	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems Julian Hendrik Schütte
title_full_unstemmed	Security policies in pervasive systems design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems Julian Hendrik Schütte
title_short	Security policies in pervasive systems
title_sort	security policies in pervasive systems design of a modular security policy framework for semantic multi domain service oriented pervasive systems
title_sub	design of a modular security policy framework for semantic, multi-domain, service-oriented pervasive systems
topic_facet	Hochschulschrift
url	http://mediatum.ub.tum.de/node?id=1128393 https://nbn-resolving.org/urn:nbn:de:bvb:91-diss-20130813-1128393-0-4 http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026239978&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT schuttejulianhendrik securitypoliciesinpervasivesystemsdesignofamodularsecuritypolicyframeworkforsemanticmultidomainserviceorientedpervasivesystems

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Volltext öffnen

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge