PEP-side caching: An insider threat port

Qussai Yaseen; Qutaibah Althebyan; Yaser Jararweh

doi:10.1109/IRI.2013.6642464

PEP-side caching: An insider threat port

Qussai Yaseen
, Qutaibah Althebyan
, Yaser Jararweh

Yarmouk University
Jordan University of Science and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

15 Scopus citations

Abstract

PEP-side caching is used in request-response access control mechanisms to increase the availability and reduce the processing overhead on PDP. Nonetheless, this paper shows that using this approach may open an insider threat port that can be used to bypass access control models in cloud and distributed relational databases. Moreover, the paper proposes a light model that detects and prevents the threat without affecting the performance of PEP and PDP, and it keeps the advantages of PEP-side caching model.

Original language	English
Title of host publication	Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013
Publisher	IEEE Computer Society
Pages	137-144
Number of pages	8
ISBN (Print)	9781479910502
DOIs	https://doi.org/10.1109/IRI.2013.6642464
State	Published - 2013
Externally published	Yes
Event	2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013 - San Francisco, CA, United States Duration: 14 Aug 2013 → 16 Aug 2013

Publication series

Name	Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013

Conference

Conference	2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013
Country/Territory	United States
City	San Francisco, CA
Period	14/08/13 → 16/08/13

Keywords

Access Control
Cloud Computing
Insider Threat
PEP-Side caching
Relational Databases

Access to Document

10.1109/IRI.2013.6642464

Cite this

Yaseen, Q., Althebyan, Q., & Jararweh, Y. (2013). PEP-side caching: An insider threat port. In Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013 (pp. 137-144). Article 6642464 (Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013). IEEE Computer Society. https://doi.org/10.1109/IRI.2013.6642464

@inproceedings{7d77f63b168e4ab49bbcde2e1775996f,

title = "PEP-side caching: An insider threat port",

abstract = "PEP-side caching is used in request-response access control mechanisms to increase the availability and reduce the processing overhead on PDP. Nonetheless, this paper shows that using this approach may open an insider threat port that can be used to bypass access control models in cloud and distributed relational databases. Moreover, the paper proposes a light model that detects and prevents the threat without affecting the performance of PEP and PDP, and it keeps the advantages of PEP-side caching model.",

keywords = "Access Control, Cloud Computing, Insider Threat, PEP-Side caching, Relational Databases",

author = "Qussai Yaseen and Qutaibah Althebyan and Yaser Jararweh",

year = "2013",

doi = "10.1109/IRI.2013.6642464",

language = "English",

isbn = "9781479910502",

series = "Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013",

publisher = "IEEE Computer Society",

pages = "137--144",

booktitle = "Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013",

address = "United States",

note = "2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013 ; Conference date: 14-08-2013 Through 16-08-2013",

}

Yaseen, Q, Althebyan, Q & Jararweh, Y 2013, PEP-side caching: An insider threat port. in Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013., 6642464, Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013, IEEE Computer Society, pp. 137-144, 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013, San Francisco, CA, United States, 14/08/13. https://doi.org/10.1109/IRI.2013.6642464

PEP-side caching: An insider threat port. / Yaseen, Qussai; Althebyan, Qutaibah; Jararweh, Yaser.
Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013. IEEE Computer Society, 2013. p. 137-144 6642464 (Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - PEP-side caching

T2 - 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013

AU - Yaseen, Qussai

AU - Althebyan, Qutaibah

AU - Jararweh, Yaser

PY - 2013

Y1 - 2013

N2 - PEP-side caching is used in request-response access control mechanisms to increase the availability and reduce the processing overhead on PDP. Nonetheless, this paper shows that using this approach may open an insider threat port that can be used to bypass access control models in cloud and distributed relational databases. Moreover, the paper proposes a light model that detects and prevents the threat without affecting the performance of PEP and PDP, and it keeps the advantages of PEP-side caching model.

AB - PEP-side caching is used in request-response access control mechanisms to increase the availability and reduce the processing overhead on PDP. Nonetheless, this paper shows that using this approach may open an insider threat port that can be used to bypass access control models in cloud and distributed relational databases. Moreover, the paper proposes a light model that detects and prevents the threat without affecting the performance of PEP and PDP, and it keeps the advantages of PEP-side caching model.

KW - Access Control

KW - Cloud Computing

KW - Insider Threat

KW - PEP-Side caching

KW - Relational Databases

UR - https://www.scopus.com/pages/publications/84891106463

U2 - 10.1109/IRI.2013.6642464

DO - 10.1109/IRI.2013.6642464

M3 - Conference contribution

AN - SCOPUS:84891106463

SN - 9781479910502

T3 - Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013

SP - 137

EP - 144

BT - Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013

PB - IEEE Computer Society

Y2 - 14 August 2013 through 16 August 2013

ER -

Yaseen Q, Althebyan Q, Jararweh Y. PEP-side caching: An insider threat port. In Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013. IEEE Computer Society. 2013. p. 137-144. 6642464. (Proceedings of the 2013 IEEE 14th International Conference on Information Reuse and Integration, IEEE IRI 2013). doi: 10.1109/IRI.2013.6642464

PEP-side caching: An insider threat port

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this