Path: Top -> Journal -> Jurnal Internasional -> Journal -> Computer
EXECUTABLE SECURITY POLICIES: SPECIFICATION AND VALIDATION OF SECURITY POLICIES
EXECUTABLE SECURITY POLICIES: SPECIFICATION AND VALIDATION OF SECURITY POLICIES
2009Journal from gdlhub / 2017-08-14 11:52:32
Oleh : Ryma Abassi , Sihem Guemara El Fatmi, International Journal of Wireless & Mobile Networks (IJWMN)
Dibuat : 2012-06-23, dengan 1 file
Keyword : Security Policy, Executable Security Policy, Specification, S-Promela, Validation, Consistency, Completeness, domain, conflict.
Subjek : EXECUTABLE SECURITY POLICIES: SPECIFICATION AND VALIDATION OF SECURITY POLICIES
Url : http://airccse.org/journal/nsa/0809smn01.pdf
Sumber pengambilan dokumen : Internet
Security Policies constitute the core of network protection infrastructures. However, their development is
a sensitive task because it can be in opposition with the security requirements (e.g. lack of rule or
conflicting rules). A specification task seems to be indispensible in order to clarify the desired exigencies.
A validation process for security policies becomes then necessary before their deployment to avoid
resources network damages. Nowadays, there is no automated tool in the network security world
allowing such task. Moreover, we have found that the theory developed for this aim in the software
engineering domain can be adapted for security policies because several similarities exist between the
expressions of the needs in the two domains as mentioned in several studies. Hence, we propose in this
paper a specification and validation framework for security policies, inspired from software engineering
tools, where: (1) we introduce the concept of executable specifications to build the concept of Executable
Security Policies (2) we propose a new specification language based on an adapted modeling and
inspired from Promela (3) we build a validation model based on the newly introduced language and (4)
we define a 3-steps validation process of the executable security policy. The validation process is based
on the main security properties, i.e. consistency, completeness and preservation of safety and liveness.
Moreover, the consistency related to multiple security policies is treated through a detection algorithm
and a resolution method.
Security Policies constitute the core of network protection infrastructures. However, their development is
a sensitive task because it can be in opposition with the security requirements (e.g. lack of rule or
conflicting rules). A specification task seems to be indispensible in order to clarify the desired exigencies.
A validation process for security policies becomes then necessary before their deployment to avoid
resources network damages. Nowadays, there is no automated tool in the network security world
allowing such task. Moreover, we have found that the theory developed for this aim in the software
engineering domain can be adapted for security policies because several similarities exist between the
expressions of the needs in the two domains as mentioned in several studies. Hence, we propose in this
paper a specification and validation framework for security policies, inspired from software engineering
tools, where: (1) we introduce the concept of executable specifications to build the concept of Executable
Security Policies (2) we propose a new specification language based on an adapted modeling and
inspired from Promela (3) we build a validation model based on the newly introduced language and (4)
we define a 3-steps validation process of the executable security policy. The validation process is based
on the main security properties, i.e. consistency, completeness and preservation of safety and liveness.
Moreover, the consistency related to multiple security policies is treated through a detection algorithm
and a resolution method.
Beri Komentar ?#(0) | Bookmark
| Properti | Nilai Properti |
|---|---|
| ID Publisher | gdlhub |
| Organisasi | International Journal of Wireless & Mobile Networks (IJWMN) |
| Nama Kontak | Herti Yani, S.Kom |
| Alamat | Jln. Jenderal Sudirman |
| Kota | Jambi |
| Daerah | Jambi |
| Negara | Indonesia |
| Telepon | 0741-35095 |
| Fax | 0741-35093 |
| E-mail Administrator | elibrarystikom@gmail.com |
| E-mail CKO | elibrarystikom@gmail.com |
Print ...
Kontributor...
- , Editor: fachruddin
Download...
Download hanya untuk member.
jurnal 08
File : jurnal 08.PDF
(409865 bytes)