International Journal of Computer Network and Information Security (IJCNIS)
IJCNIS Vol. 11, No. 10, 8 Oct. 2019
Cover page and Table of Contents: PDF (size: 1413KB)
Security Policy Modelling in the Mobile Agent System
Full Text (PDF, 1413KB), PP.26-36
Views: 0 Downloads: 0
Author(s)
Hassan RAZOUKI
1,*
Index Terms
Mobile agents, security, security policy, ontology, semantics
Abstract
The mobile agent security problem limits the use of mobile agent technology and hinders its extensibility and application because the constantly progressed complexity and extension at the level of systems and applications level increase the difficulty to implement a common security system as well as an anticipated security policy.
Ontology is considered one of the most important solutions to the problem of heterogeneity. In this context, our work consists of constructing mobile agent domain security ontology (MASO) in order to eliminate semantic differences between security policies in this domain. We use the OWL language under the protected software to construct this ontology. Then, we chose the WS-Policy standard to model security policies, these policies are structured in forms of security requirements and capabilities. To determine the level of semantic correspondence between security policies we are developing an algorithm called "Matching-algorithm" with Java language and two APIs (Jena API and Jdom API) to manipulate the MASO ontology and security policies.
Cite This Paper
Hassan RAZOUKI, "Security Policy Modelling in the Mobile Agent System", International Journal of Computer Network and Information Security(IJCNIS), Vol.11, No.10, pp.26-36, 2019.DOI:10.5815/ijcnis.2019.10.04
Reference
[1]P. Ahuja and V. Sharma, “A Review on Mobile Agent Security”, International Journal of Recent Technology and Engineering, 2012, vol. 1, pp. 2-5.
[2]H. Razouki and A. Hair, “Self-Adaptive Security for Mobiles Agents”, International Journal of Computer Applications, 2014, vol 94, n 13, pp. 24-29.
[3]H. Razouki and A. Hair, “Towards A New Security Architecture of Mobile Agents”, International Journal of Soft Computing and Engineering, 2014, vol 3, n 6, pp. 1-6.
[4]V. Singh and S.K. Pandey, “Revisiting security ontologies”, International Journal of Computer Science, 2014, vol 11, n°6, pp. 150-159.
[5]A. Musen Mark, “The Protégé project: a look back and a look forward”, AI Matters, 2015, vol 1, n°4, pp. 4-12.
[6]A. Vedamuthu, D. Orchard, F. Hirsch, M. Hondo, P. Yendluri, T. Boubez and U. Yal¬cinalp, “Web Services policy 1.5 Framework”, W3C recommendation, 2007. http://www.w3.org/TR/ws-policy/.
[7]M.K. Srinivasan, K. Sarukesi, P. Rodrigues, M. SaiManoj and P. Revathy, “State-of-the art Cloud Computing security taxonomies: a classification of security challenges in the present Cloud Computing environment”, 2014, http://dl.acm.org/citation.cfm?id=2345474.
[8]B. Tsoumas and D. Gritzalis, “Towards an ontology based security management”, AINA 2TH International Conference Advanced Information Networking Applications, 2006, vol 1, pp. 985-992.
[9]I. Gorodetski, L.J. Popyack, I.V. Kotenko and V.A. Skormin, “Ontology-based multi-agent model of an information security system”, Proceedings of 7th International Workshop. RSFDGrC’99, 9-11 Nov 1999, pp. 528–532.
[10]A. Vorobiev and J. Han, “Security attack ontology for web services”, Second International Conference on Semantics Knowledge and Grid, 2006.
[11]S. Fenz, “Ontology-based generation of IT-security metrics. SAC”, 10 Proceeding of the 2010 ACM Symposium on Applied Computing, 2010, pp. 1833-1839.
[12]J. Gao, B. Zhang, X. Chen and Z. Luo, “Ontology-based model of network and computer attacks for security assessment”, J. Shanghai Jiaotong Univ. (Sci.), 2013, vol 18, n5, pp. 554-562.
[13]A. Gyrard, C. Bonnet and K. Boudaoud, “The STAC (Security Toolbox: Attacks and Counter measures) ontology”, ACM Companion, 13–17 May 2013.
[14]A.A. Assali, D. Lenne and B. Debray, “Ontology development for industrial risk analysis”, IEEE International Conference on Information & Communication Technologies: from Theory to Applications (ICTTA 2008), Damascus, Syria, Apr 2008.
[15]S. Hacini and R. Lekhchine, “Security ontology for mobile agent’s protection”, International Journal of Computer Theory and Engineering, 2012, vol. 4, n3.
[16]S., Dritsas, L. Gymnopoulos, M Karyda., T. Balopoulos, S. Kokolakis, C. Lambrinoudakis and S. Katsikas, “knowledge-based approach to security requirements for e-health applications”, 2014. http://www.ejeta.org/specia lOct06-issue/ejeta-special06oct-4.pdf.
[17]A. Evesti, R. Savola, E. Ovaska and J Kuusijärvi, “The design, instantiation, and usage of information security measuring ontology”, 2011.
[18]G. Elahi, E. Yu and N. Zannone, “A modeling ontology for integrating vulnerabilities into security requirements conceptual foundations?”, Proceedings of 28th International Conference on Conceptual Modeling, vol. 5829, 9–12 Nov 2009. Springer, Berlin Heidelberg, pp. 99-114.
[19]L. Obrsta, P. Chaseb and R. Markeloffa, “An ontology of the cyber security domain”, http://ceurws.org/Vol966/ STIDS2012_T06_ObrstEtAl_CyberOntology.pdf. Accessed 19 Feb 2014.
[20]T. Takahashi, Y. Kadobayashi, H. Fujiwara, “Ontological approach toward cyber security in Cloud Computing”, Proceedings of the 3rd International Conference on Security of Information and Networks, 07 Sept 2010, pp. 100–109.
[21]E. Kamalakannan, B. Prabhakaran and K.S. Arvind, “. A study on security and ontology in cloud computing”, International Journal of Advanced Research in Computer and Communication Engineering, 2013, vol 2, n°10.
[22]A.M. Talib, R. Atan, R. Abdullah and M.A.M. Murad, Security ontology-driven multi-agent system architecture for cloud data storage security ontology development”, International Journal of Computer Science and Network Security, 2012, vol 12, n5.
[23]H. Razouki and A. Hair, “Security for Mobile Agents: Trust Estimate for Platforms”, TELKOMNIKA Indonesian Journal of Electrical Engineering, 2015, vol. 15, n2, pp. 381-389.