Security Policy Consistency
Authors
Abstract
With the advent of wide security platforms able to express simultaneously all the policies comprising an organization’s global security policy, the problem of inconsistencies within security policies becomes harder and more relevant. We have defined a tool based on the CHR language which is able to detect several types of inconsistencies within and between security policies and other specifications, namely workflow specifications. Although the problem of security conflicts has been addressed by several authors, to our knowledge none has addressed the general problem of security inconsistencies, in its several definitions and target specifications.
Similar resources
Analyzing Consistency of Security Policies
This paper discusses the development of a methodology for reasoning about properties of security policies. We view a security policy as a special case of regulation which specifies what actions some agents are permitted, obliged or forbidden to perform and we formalize a policy by a set of deontic formulae. We first address the problem of checking policy consistency and describe a method for so...
Modular Security Policy Design based on Extended Petri Nets
Security policies are one of the most fundamental elements of computer security. Their design has to cope with composition of components in security systems and interactions between them. Consequently, a modular approach for specification and verification of security policies is necessary and the composition of modules must consistently ensure fundamental properties of security policies, in a r...
WorSE: A Workbench for Model-based Security Engineering
IT systems with sophisticated security requirements increasingly apply problem-specific security policies for specifying, analyzing, and implementing security properties. Due to their key role for defining and enforcing strategic security concepts, security policies are extremely critical, and quality assets such as policy correctness or policy consistency are essential objectives in policy engin...
Information Flow Analysis in Role-based Security Systems
This paper examines the application of information flow analysis to role-based protection systems. Starting with basic information flow axioms and a security policy, we propose a means of ensuring that a given role-based scheme is consistent with the specified security policy. The proposed method uses graph theory and, in particular, treats this problem as an instance of subgraph isomorphism to dete...
Modeling and Validating the Clinical Information Systems Policy Using Alloy
Information systems security defines three properties of information: confidentiality, integrity, and availability. These characteristics remain major concerns throughout the commercial and military industry. In this work, we focus on the integrity aspect of commercial security applications by exploring the nature and scope of the famous integrity policy the Clinical Information Systems Policy....
Security Policy Coordination for Heterogeneous Information Systems
Coordinating security policies in information enclaves is challenging due to their heterogeneity and autonomy. Administrators must reconcile the semantic diversity of data and security models before negotiating secure interoperation. This paper proposes an architecture that uses mediators and a primitive ticket-based authorization model to manage disparate policies in information enclaves. The ...
Journal title:
- CoRR
Volume cs.LO/0006045 Issue
Pages -
Publication date 2000