Using Deontic Logic for Security Policy Specification

Author

  • Rodolphe Ortalo
Abstract

This paper analyses the problem of specifying a security policy for organizations. First, various issues related to the problem of an adequate and rigorous specification of a security policy are outlined in a context where security requirements usually remain informal and are difficult to satisfy. Then, it is proposed to use a logical language, previously studied in the literature, that seems to exhibit the adaptability needed for such tasks. The definition of this formalism is provided. We focus on the problem of its practical use and propose a graphical approach supported by a tool. A security policy specification example is presented to illustrate this approach.


Similar resources

Using Role-based Abstractions for Security Policy Specification with Deontic Logic

This paper presents the use of role-based notions in the formal specification of a security policy. The formal method used is based on deontic logic, a logical formalism that seems particularly adapted for the specification of security properties. An outline of the main characteristics of this formalism and of the graphical notation used is presented through examples. The use of role-based abst...


Deontic logic for the specification of system availability

We study the specification and the verification of availability policies. We first introduce the availability concept, and then deontic logic. Next we present some investigations about mixing temporal and deontic aspects, in order to specify both availability policies and system behavior. In the last part we focus on the verification of availability, especially using the UPPAAL tool for an illu...


Information Systems Security: Specification and Quantitative Evaluation

This paper presents a method for the specification and evaluation of the security of information systems. This method is based on an extension of deontic logic, a formal language adapted for this task. First, we outline briefly the overall guidelines of the method and the various aspects of the security policy specification process. Then, the formalism is defined and extensions are proposed. To...


Ma(dl): a Normative Logic for Authorization in Semantic-aware Environments

Semantic technology provides an abstraction layer above existing computational environments, especially the Web, to give information a well-defined meaning. Moving toward semantic-aware environments imposes new security requirements. One of the most important requirements is the authorization and security policy inference based on the existing semantic relationships in the abstract (conceptual) l...


Évaluation quantitative de la sécurité des systèmes d'information. (Quantitative Evaluation of Information Systems Security)

This dissertation presents a general method for the specification and quantitative evaluation of information systems security. This method allows to monitor the evolutions of an information system in operation, as well as to compare the impact on security of possible modifications of the functioning. It relies on a formal specification of the system security policy, augmented by a model of the ...




Publication date: 1996