Analyzing Consistency of Security Policies
نویسندگان
چکیده
This paper discusses the development of a methodology for reasoning about properties of security policies. We view a security policy as a special case of regulation which specifies what actions some agents are permitted, obliged or forbidden to perform and we formalize a policy by a set of deontic formulae. We first address the problem of checking policy consistency and describe a method for solving it. The second point we are interesting in is how to query a policy to know the actual norms which apply to a given situation. In order to provide the user with consistent answers, the normative conflicts which may appear in the policy must be solved. For doing so, we suggest using the notion of roles and define priorities between roles.
منابع مشابه
Modeling and Inferring on Role-Based Access Control Policies Using Data Dependencies
Role-Based Access Control (RBAC) models are becoming a de facto standard, greatly simplifying management and administration tasks. Organizational constraints were introduced (e.g.: mutually exclusive roles, cardinality, prerequisite roles) to reflect peculiarities of organizations. Thus, the number of rules is increasing and policies are becoming more and more complex: understanding and analyzi...
متن کاملArchitecting Security with Paradigm
For large security systems a clear separation of concerns is achieved through architecting. Particularly the dynamic consistency between the architectural components should be addressed, in addition to individual component behaviour. In this paper, relevant dynamic consistency is specified through Paradigm, a coordination modeling language based on dynamic constraints. As it is argued, this fit...
متن کاملModelling And Inferring On Role-Based Access Control Policies Using Data Dependencies
Role-based access control (RBAC) models are becoming a de facto standard, greatly simplifying management and administration tasks. Organizational constraints were introduced (e.g.: mutually exclusive roles, cardinality, prerequisite roles) to reflect peculiarities of organizations. Thus, the number of rules is increasing and policies are becoming more and more complex: understanding and analyzi...
متن کاملExclusion of Ageing in Social Policy Analyzing Development Plans after the Revolution
The living of the elderly has been turned into a problematic issue affected by social, cultural and economic changes, however, this problematic is not registered in policy makings and there is not appropriate social polices associated to the elderly. The subject of the current study is observe social policies in the context of development plans after the Revolution, to discover overt and covert...
متن کاملWorSE: A Workbench for Model-based Security Engineering
IT systems with sophisticated security requirements increasingly apply problemspecific security policies for specifying, analyzing, and implementing security properties. Due to their key role for defining and enforcing strategic security concepts, security polices are extremely critical, and quality assets such as policy correctness or policy consistency are essential objectives in policy engin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1997