基于本体的日志内容提取引擎，用于事后访问控制

Int. J. Knowl. Learn. Pub Date : 2014-02-01 DOI:10.1504/IJKL.2014.067149

Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux

{"title":"基于本体的日志内容提取引擎，用于事后访问控制","authors":"Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux","doi":"10.1504/IJKL.2014.067149","DOIUrl":null,"url":null,"abstract":"In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.","PeriodicalId":163161,"journal":{"name":"Int. J. Knowl. Learn.","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Log content extraction engine based on ontology for the purpose of a posteriori access control\",\"authors\":\"Hanieh Azkia, N. Cuppens-Boulahia, F. Cuppens, G. Coatrieux\",\"doi\":\"10.1504/IJKL.2014.067149\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.\",\"PeriodicalId\":163161,\"journal\":{\"name\":\"Int. J. Knowl. Learn.\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Knowl. Learn.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1504/IJKL.2014.067149\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Knowl. Learn.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJKL.2014.067149","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

在一些复杂的信息系统中，用户不会受到不及时的访问控制。通常，无论何时执行操作，目标系统都会记录该操作。基于这些日志，之后会进行称为事后访问控制的安全控制。日志数据可以以不同的格式记录(Syslog、W3C扩展日志、特定的域日志标准，如IHE-ATNA等)。后验安全控制框架需要一个日志过滤引擎，无论使用何种日志格式，它都可以提取有用的信息。在本文中，我们通过建立日志的本体模型来确定和实现这个提取功能。查询该日志本体是为了检查所考虑的系统的用户执行的操作是否符合其访问控制策略(违规、异常、完成等)。我们将展示如何使后验安全控制有效，以及如何基于此提取函数更容易地做出安全决策。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Log content extraction engine based on ontology for the purpose of a posteriori access control

In some complex information systems, users do not undergo untimely access controls. Generally, whenever they perform an action, this action is logged by the target system. Based on these log les, a security control called a posteriori access control is made afterwards. The logged data can be recorded in dierent formats (Syslog, W3C extend log, specic domain log standard like IHE-ATNA, etc.). An a posteriori security control framework requires a log ltering engine which extracts useful information regardless of the log format used. In this paper, we dene and enforce this extraction function by building an ontology model of logs. This logs ontology is queried to check the compliance of actions performed by the users of the considered system with its access control policy (violations, anomalies, fulllments, etc.). We show how the a posteriori security controls are made eective and how security decisions are made easier based on this extraction function.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Int. J. Knowl. Learn.

自引率

0.00%

发文量