A new logic for verification of security policies is proposed. The logic, HyperLTL, extends linear-time temporal logic (LTL) with connectives for explicit and simultaneous quantification over multiple execution paths, thereby enabling HyperLTL to express information-flow security policies that LTL cannot. A model-checking algorithm for a fragment of HyperLTL is given, and the algorithm is imple...

This paper takes a top-down approach and provides a high-level overview for developing effective information systems policies. The opening section describes the importance of management commitment. A management oversight committee is introduced as the primary team representing an organization for the purposes of implementing an information systems security program based on policy. A general out...

Access control policies are security policies that govern access to resources. Real-time update of access control policies, that is, updating policies while they are in effect and enforcing the changes immediately, is necessary for many security-critical applications. In this paper, we consider real-time update of access control policies in a database system. We consider an environment in which...

Verified and validated security policies are essential components of high assurance computer systems. The design and implementation of security policies are fundamental processes in the development, deployment, and maintenance of such systems. In this paper, we introduce an expert system that helps with the design and implementation of security policies. We show how Prolog is used to verify sys...

To enable the growth of wireless networks in high assurance computer systems, it is essential to establish a security engineering methodology that provides system security managers with a procedural engineering process to develop computer security policies. Our research demonstrates how wireless communication technology is deployed using the Multiple Independent Levels of Security (MILS) archit...

Most recent information security incidents have been caused by employees’ poor managements rather than technology defects. Accordingly, organizations try to improve their information security by demanding that employees conform to information security policies. Previous studies examined the effect of organization’s enforcement-based systems, using penalties and rewards, on employees’ comply wit...

This article presents a security architecture suitable for implementation of the security services and mechanisms selected by the security policies defined by the ACTS TRUMPET project for an appropriate protection of the external interfaces of TMNs. These security policies define the protection measures to use for communication in the inter-domain management case. These measures need to be impl...