安全策略的语义比较:从访问控制策略到流属性

2012 IEEE Symposium on Security and Privacy Workshops Pub Date : 2012-05-24 DOI:10.1109/SPW.2012.33

M. Jaume

{"title":"安全策略的语义比较:从访问控制策略到流属性","authors":"M. Jaume","doi":"10.1109/SPW.2012.33","DOIUrl":null,"url":null,"abstract":"This paper introduces two generic mechanisms allowing to compare security policies from a semantical point of view. First, a notion of embedding is defined in order to compare policies over a common domain. Then, interpretations of security policies are introduced in order to consider their properties over arbitrary domains. Thus, combining interpretations and embeddings allows to compare policies expressed over different domains. Along the lines of this paper, we illustrate our definitions by defining a flow-based interpretation of access control and by comparing classical access control policies according to a hierarchy of abstract flow policies, thus characterizing flow properties which can be ensured by access control policies.","PeriodicalId":201519,"journal":{"name":"2012 IEEE Symposium on Security and Privacy Workshops","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Semantic Comparison of Security Policies: From Access Control Policies to Flow Properties\",\"authors\":\"M. Jaume\",\"doi\":\"10.1109/SPW.2012.33\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper introduces two generic mechanisms allowing to compare security policies from a semantical point of view. First, a notion of embedding is defined in order to compare policies over a common domain. Then, interpretations of security policies are introduced in order to consider their properties over arbitrary domains. Thus, combining interpretations and embeddings allows to compare policies expressed over different domains. Along the lines of this paper, we illustrate our definitions by defining a flow-based interpretation of access control and by comparing classical access control policies according to a hierarchy of abstract flow policies, thus characterizing flow properties which can be ensured by access control policies.\",\"PeriodicalId\":201519,\"journal\":{\"name\":\"2012 IEEE Symposium on Security and Privacy Workshops\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-05-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Symposium on Security and Privacy Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SPW.2012.33\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Symposium on Security and Privacy Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2012.33","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

摘要

本文介绍了两种通用机制，允许从语义的角度比较安全策略。首先，定义了嵌入的概念，以便比较公共域中的策略。然后，介绍了安全策略的解释，以便考虑它们在任意域上的属性。因此，结合解释和嵌入可以比较在不同领域上表达的策略。沿着本文的思路，我们通过定义基于流的访问控制解释和根据抽象流策略的层次结构比较经典访问控制策略来说明我们的定义，从而表征访问控制策略可以确保的流属性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Semantic Comparison of Security Policies: From Access Control Policies to Flow Properties

This paper introduces two generic mechanisms allowing to compare security policies from a semantical point of view. First, a notion of embedding is defined in order to compare policies over a common domain. Then, interpretations of security policies are introduced in order to consider their properties over arbitrary domains. Thus, combining interpretations and embeddings allows to compare policies expressed over different domains. Along the lines of this paper, we illustrate our definitions by defining a flow-based interpretation of access control and by comparing classical access control policies according to a hierarchy of abstract flow policies, thus characterizing flow properties which can be ensured by access control policies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 IEEE Symposium on Security and Privacy Workshops

自引率

0.00%

发文量

期刊最新文献

Insider Threats against Trust Mechanism with Watchdog and Defending Approaches in Wireless Sensor Networks Using Consensus Clustering for Multi-view Anomaly Detection Side-Channel Analysis of Grøstl and Skein Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud Slender PUF Protocol: A Lightweight, Robust, and Secure Authentication by Substring Matching