{"title":"安全策略细化:从高级规范到低级实现","authors":"Xia Yang, J. Alves-Foss","doi":"10.1109/SocialCom.2013.77","DOIUrl":null,"url":null,"abstract":"Security and privacy policies are stated in the context of abstract concepts such as users/roles, objects and actions that relate to a specific level of abstraction in the system design. Refinement of the abstract design down to lower level implementations can result in a disconnect between the implementation and the more abstract security policy. In this paper we introduce the concept of security policy refinement for access control policies that allows us to maintain a tighter coupling between the security policy and its implementation. We use a purpose-based privacy policy as an example to explain the concepts. The resulting refinement technique provides for improved verification and validation that the system, as implemented, satisfies the abstract security policy, and sets the stage for further research in this area.","PeriodicalId":129308,"journal":{"name":"2013 International Conference on Social Computing","volume":"124 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Security Policy Refinement: High-Level Specification to Low-Level Implementation\",\"authors\":\"Xia Yang, J. Alves-Foss\",\"doi\":\"10.1109/SocialCom.2013.77\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security and privacy policies are stated in the context of abstract concepts such as users/roles, objects and actions that relate to a specific level of abstraction in the system design. Refinement of the abstract design down to lower level implementations can result in a disconnect between the implementation and the more abstract security policy. In this paper we introduce the concept of security policy refinement for access control policies that allows us to maintain a tighter coupling between the security policy and its implementation. We use a purpose-based privacy policy as an example to explain the concepts. The resulting refinement technique provides for improved verification and validation that the system, as implemented, satisfies the abstract security policy, and sets the stage for further research in this area.\",\"PeriodicalId\":129308,\"journal\":{\"name\":\"2013 International Conference on Social Computing\",\"volume\":\"124 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Social Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SocialCom.2013.77\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Social Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SocialCom.2013.77","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Policy Refinement: High-Level Specification to Low-Level Implementation
Security and privacy policies are stated in the context of abstract concepts such as users/roles, objects and actions that relate to a specific level of abstraction in the system design. Refinement of the abstract design down to lower level implementations can result in a disconnect between the implementation and the more abstract security policy. In this paper we introduce the concept of security policy refinement for access control policies that allows us to maintain a tighter coupling between the security policy and its implementation. We use a purpose-based privacy policy as an example to explain the concepts. The resulting refinement technique provides for improved verification and validation that the system, as implemented, satisfies the abstract security policy, and sets the stage for further research in this area.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
