Franqueira, Virginia Nunes Leal and van Eck, Pascal (2006) Towards alignment of architectural domains in security policy specifications. In: 8th International Symposium on System and Information Security, 08-10 Nov 2006, Sao Jose dos Campos, Brazil.
- Accepted Version
Large organizations need to align the security architecture across three different domains: access control, network layout and physical infrastructure. Security policy specification formalisms are usually dedicated to only one or two of these domains. Consequently, more than one policy has to be maintained, leading to alignment problems. Approaches from the area of model-driven security enable creating graphical models that span all three domains, but these models do not scale well in real-world scenarios with hundreds of applications and thousands of user roles. In this paper, we demonstrate the feasibility of aligning all three domains in a single enforceable security policy expressed in a Prolog-based formalism by using the Law Governed Interaction (LGI) framework. Our approach alleviates the limitations of policy formalisms that are domain-specific while helping to reach scalability by automatic enforcement provided by LGI.
|Item Type:||Conference or Workshop Item (Paper)|
|Subjects:||Q Science > Q Science (General)|
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
|Schools:||College of Science and Technology > School of Computing Engineering & Physical Sciences|
|Deposited By:||Carmit Erez|
|Deposited On:||01 Nov 2012 16:36|
|Last Modified:||07 Mar 2014 09:58|
Downloads per month over past year
Downloads for past 30 days
Repository Staff Only: item control page