Universität Hamburg

Universität Hamburg

SVS - Security in Distributed Systems
MIN Faculty.Informatics.SVS
   UHH  >  Dept. of Informatics  >  SVS  > Modeling Security Policy      SiteMapSitemap  SearchSearch Seitenende
*SVS Homepage
*General Information
*Events and Conferences
*People
*Research
*Teaching
*For Students
*Open Positions

Diploma thesis:

Modeling Security Policy

Motivation:

Imagine a scenario where a non-EU country citizen living in Hamburg arrives at London Heathrow Airport with a suspicious passport. Let’s say the border control officer is convinced that the ID is a fraud. He then needs to contact Germany and the originating country of the person in question for further investigation. Eventually, he might need to request a European Arrest Warrant to be issued in case the person’s identity could not be verified. Without stating gory details, one can imagine numerous interactions required among the authorities of different nations. In order for R4eGov project to provide a working eGovernment solution for such heterogeneous collaborative workflows, it is vital that a security policy is modeled so that the inter-organization activities can be performed correctly and securely. For high-level overview information about R4eGov project, refer to the following link >>.

Goal:

The goal of this thesis work is to provide a feasible security policy framework for the R4eGov collaborative workflows by assessing the existing solutions against the security requirements of the given collaborative workflow environment. Some of the issues to be considered are separation of duties, delegation, repudiation, and access controls. Due to the heterogeneousness of the distributed entities involved, it is expected that the suitable solution is likely to be modeled with a combination of a number of existing mechanisms.

Tasks:

1. Developing a set of security requirements (Refer to the related studienarbeit description for a possible strategy to collect the requirements >>)

2. Analysis of existing security policy languages:

Survey relevant security policy frameworks/specifications, understand how they work, and compare their strengths and weakness based on the resulting security requirements from the previous step. Some of the examples of choices are XACML/WS-Policy, Ponder, Rei, KAoS, and SWRL.

3. Recommendation of a security policy framework for the r4eGov workflow environment with a “proof-of-concept” implementation for modeling security policy:

The “proof-of-concept” implementation could be a tool to express security policy with the selected framework with minimum semantic error handlings such as functionality to detect and resolve conflicting rules.

Tasks per Month

1

2

3

4

5

6

1. Resource gathering

 

 

 

 

 

 

2. Developing security requirements

 

 

 

 

 

 

3. Analysis of security policies

 

 

 

 

 

 

4. Selecting security policies

 

 

 

 

 

 

5. Documentation / Write-Up

 

 

 

 

 

 

Contact:

If you are interested, please contact Hannah Lee.

Note: The thesis must be completed in English
  Impressum Last modified: 29/10/2007 - 10:01:26 by hl Seitenanfang