dc.contributor.author |
Gogoulos, F |
en |
dc.contributor.author |
Antonakopoulou, A |
en |
dc.contributor.author |
Lioudakis, GV |
en |
dc.contributor.author |
Mousas, AS |
en |
dc.contributor.author |
Kaklamani, DI |
en |
dc.contributor.author |
Venieris, IS |
en |
dc.date.accessioned |
2014-03-01T02:46:57Z |
|
dc.date.available |
2014-03-01T02:46:57Z |
|
dc.date.issued |
2010 |
en |
dc.identifier.uri |
https://dspace.lib.ntua.gr/xmlui/handle/123456789/32951 |
|
dc.subject |
Access control |
en |
dc.subject |
Authorisation |
en |
dc.subject |
Passive network monitoring |
en |
dc.subject |
Privacy |
en |
dc.subject |
Semantic information model |
en |
dc.subject.other |
Access control policies |
en |
dc.subject.other |
Authorisation |
en |
dc.subject.other |
Authorization and access control |
en |
dc.subject.other |
Communication networks |
en |
dc.subject.other |
Control and protection |
en |
dc.subject.other |
Control procedures |
en |
dc.subject.other |
Innovative approaches |
en |
dc.subject.other |
Monitoring applications |
en |
dc.subject.other |
Network links |
en |
dc.subject.other |
Network Monitoring |
en |
dc.subject.other |
Ontological models |
en |
dc.subject.other |
Particular condition |
en |
dc.subject.other |
Passive network monitoring |
en |
dc.subject.other |
Privacy |
en |
dc.subject.other |
Privacy preserving |
en |
dc.subject.other |
Privacy-Aware Access Control |
en |
dc.subject.other |
Semantic information model |
en |
dc.subject.other |
Two stage |
en |
dc.subject.other |
Computer software maintenance |
en |
dc.subject.other |
Embedded software |
en |
dc.subject.other |
Embedded systems |
en |
dc.subject.other |
Information technology |
en |
dc.subject.other |
Monitoring |
en |
dc.subject.other |
Passive networks |
en |
dc.subject.other |
Security systems |
en |
dc.subject.other |
Access control |
en |
dc.title |
Privacy-aware access control and authorization in passive network monitoring infrastructures |
en |
heal.type |
conferenceItem |
en |
heal.identifier.primary |
10.1109/CIT.2010.203 |
en |
heal.identifier.secondary |
http://dx.doi.org/10.1109/CIT.2010.203 |
en |
heal.identifier.secondary |
5578562 |
en |
heal.publicationDate |
2010 |
en |
heal.abstract |
Despite the usefulness of passive network monitoring for the operation, maintenance, control and protection of communication networks, as well as law enforcement, network monitoring activities are surrounded by serious privacy implications. In this paper, an innovative approach for privacy-preserving authorization and access control to data originating from passive network monitoring is described. The proposed framework relies on an ontological model for the specification of the access control policies, which are evaluated and enforced on a two-phase and two-stage basis by a system that intercedes between the network link and the monitoring applications. The two stages refer to controlled access regarding both the data that are disclosed to the monitoring application from the mediating system and the raw data that the mediator retrieves from the network link. On the other hand, the two phases concern respectively the execution of ""static"" and ""dynamic"" control; the former enforces the rules that are a priori applicable, grounded on the data, role and purpose semantics, while the latter evaluates the real-time contextual parameters for the adaptation of the access control procedures to the particular conditions underlying a request. © 2010 IEEE. |
en |
heal.journalName |
Proceedings - 10th IEEE International Conference on Computer and Information Technology, CIT-2010, 7th IEEE International Conference on Embedded Software and Systems, ICESS-2010, ScalCom-2010 |
en |
dc.identifier.doi |
10.1109/CIT.2010.203 |
en |
dc.identifier.spage |
1114 |
en |
dc.identifier.epage |
1121 |
en |