Enforceable security policies
نویسندگان
چکیده
منابع مشابه
Which security policies are enforceable by runtime monitors? A survey
Runtime monitoring is a widely used approach to ensure code safety. Several implementations of formal monitors have been proposed in the literature, and these differ with respect to the set of security policies that they are capable of enforcing. In this survey, we examine the evolution of knowledge regarding the issue of precisely which security policies monitors are capable of enforcing. We i...
متن کاملTowards Enforceable Data-Driven Privacy Policies
A defining characteristic of current web applications is that they are personalized according to the interests and preferences of individual users; popular examples are Google News and Amazon.com. While this paradigm shift is generally viewed as positive by both users and content providers, it introduces privacy concerns, as the data needed to drive this functionality is often considered privat...
متن کاملEnforceable and Verifiable Stale-Safe Security Properties in Distributed Systems
Attribute staleness arises due to the physical distribution of authorization information, decision and enforcement points. This is a fundamental problem in virtually any secure distributed system in which the management and representation of authorization state are not globally synchronized. This problem is so intrinsic that it is inevitable an access decision will be made based on attribute va...
متن کاملSecurity policies
A security policy is a high-level specification of the security properties that a given system should possess. It is a means for designers, domain experts and implementers to communicate with each other, and a blueprint that drives a project from design through implementation and validation. We offer a survey of the most significant security policy models in the literature, showing how “securit...
متن کاملDeriving IPSec Network Security Policies from Organization Security Policies
This paper presents a new model for describing IPSec policies that can be derived by using classifications assigned to information flows. The classifications assigned to information flows are assigned in accordance with NIST information security guidelines.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Information and System Security
سال: 2000
ISSN: 1094-9224,1557-7406
DOI: 10.1145/353323.353382