Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
EPICS: A Framework for Enforcing Security Policies in Composite Web Services
Download
index.pdf
Date
2019-05-01
Author
Ranchal, Rohit
Bhargava, Bharat
Angın, Pelin
ben Othmane, Lotfi
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
284
views
277
downloads
Cite This
With advances in cloud computing and the emergence of service marketplaces, the popularity of composite services marks a paradigm shift from single-domain monolithic systems to cross-domain distributed services, which raises important privacy and security concerns. Access control becomes a challenge in such systems because authentication, authorization and data disclosure may take place across endpoints that are not known to clients. The clients lack options for specifying policies to control the sharing of their data and have to rely on service providers which offer limited selection of security and privacy preferences. This lack of awareness and loss of control over data sharing increases threats to a client's data and diminishes trust in these systems. We propose EPICS, an efficient and effective solution for enforcing security policies in composite Web services that protects data privacy throughout the service interaction lifecycle. The solution ensures that the data are distributed along with the client policies that dictate data access and an execution monitor that controls data disclosure. It empowers data owners with control of data disclosure decisions during interactions with remote services and reduces the risk of unauthorized access. The paper presents the design, implementation, and evaluation of the EPICS framework.
Subject Keywords
Computer Networks and Communications
,
Hardware and Architecture
,
Information Systems and Management
,
Computer Science Applications
URI
https://hdl.handle.net/11511/35052
Journal
IEEE TRANSACTIONS ON SERVICES COMPUTING
DOI
https://doi.org/10.1109/tsc.2018.2797277
Collections
Department of Computer Engineering, Article
Suggestions
OpenMETU
Core
PLGAKD: A PUF-based Lightweight Group Authentication and Key Distribution Protocol
Yıldız, Hüsnü; Cenk, Murat; Onur, Ertan (Institute of Electrical and Electronics Engineers (IEEE), 2020-11-01)
Securing Internet of Things (IoT) applications that collect and transport sensitive data by guaranteeing authenticity, integrity, and confidentiality is a critical challenge. Reducing computation and communication overhead of security functions is also a key concern since a large number of constrained devices may take place in such applications. Our main focus in this paper is group authentication and key management in IoT. The existing group authentication and key management protocols in the literature per...
Online DDoS attack detection using Mahalanobis distance and Kernel-based learning algorithm
Cakmakci, Salva Daneshgadeh; Kemmerich, Thomas; Ahmed, Tarem; Baykal, Nazife (Elsevier BV, 2020-10-01)
Distributed denial-of-service (DDoS) attacks are constantly evolving as the computer and networking technologies and attackers' motivations are changing. In recent years, several supervised DDoS detection algorithms have been proposed. However, these algorithms require a priori knowledge of the classes and cannot automatically adapt to frequently changing network traffic trends. This emphasizes the need for the development of new DDoS detection mechanisms that target zero-day and sophisticated DDoS attacks....
Big data maturity models for the public sector: a review of state and organizational level models
OKUYUCU, ARAS; Yavuz, Nilay (Emerald, 2020-07-01)
Purpose Despite several big data maturity models developed for businesses, assessment of big data maturity in the public sector is an under-explored yet important area. Accordingly, the purpose of this study is to identify the big data maturity models developed specifically for the public sector and evaluate two major big data maturity models in that respect: one at the state level and the other at the organizational level. Design/methodology/approach A literature search is conducted using Web of Science an...
Energy efficient wireless unicast routing alternatives for machine-to-machine networks
Tekbiyik, Neyre; Uysal, Elif (Elsevier BV, 2011-09-01)
Machine-to-machine (M2M) communications is a new and rapidly developing technology for large-scale networking of devices without dependence on human interaction. Energy efficiency is one of the important design objectives for machine-to-machine network architectures that often contain multihop wireless subnetworks. Constructing energy-efficient routes for sending data through such networks is important not only for the longevity of the nodes which typically depend on battery energy, but also for achieving a...
SWARM-based data delivery in Social Internet of Things
Hasan, Mohammed Zaki; Al-Turjman, Fadi (Elsevier BV, 2019-03-01)
Social Internet of Things (SIoTs) refers to the rapidly growing network of connected objects and people that are able to collect and exchange data using embedded sensors. To guarantee the connectivity among these objects and people, fault tolerance routing has to be significantly considered. In this paper, we propose a bio-inspired particle multi-swarm optimization (PMSO) routing algorithm to construct, recover and select k-disjoint paths that tolerates the failure while satisfying quality of service (QoS) ...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
R. Ranchal, B. Bhargava, P. Angın, and L. ben Othmane, “EPICS: A Framework for Enforcing Security Policies in Composite Web Services,”
IEEE TRANSACTIONS ON SERVICES COMPUTING
, pp. 415–428, 2019, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/35052.