Role-Based Access Control Models
Computer
Protection in operating systems
Communications of the ACM
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Autonomous Agents and Multi-Agent Systems
A stratification-based approach for handling conflicts in access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Modelling Contexts in the Or-BAC Model
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
GEO-RBAC: a spatially aware RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Nomad: A Security Model with Non Atomic Actions and Deadlines
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Managing Delegation in Access Control Models
ADCOM '07 Proceedings of the 15th International Conference on Advanced Computing and Communications
Norms with deadlines in Dynamic Deontic Logic
Proceedings of the 2006 conference on ECAI 2006: 17th European Conference on Artificial Intelligence August 29 -- September 1, 2006, Riva del Garda, Italy
An integrated model for access control and information flow requirements
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Norms, institutional power and roles: towards a logical framework
ISMIS'06 Proceedings of the 16th international conference on Foundations of Intelligent Systems
Using contextual security policies for threat response
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
A state/event temporal deontic logic
DEON'06 Proceedings of the 8th international conference on Deontic Logic and Artificial Normative Systems
Speech acts with institutional effects in agent societies
DEON'06 Proceedings of the 8th international conference on Deontic Logic and Artificial Normative Systems
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Formal methods for exchange policy specification
CAiSE'13 Proceedings of the 25th international conference on Advanced Information Systems Engineering
| Hi-index | 0.00 |
The security policy of an information system may include a wide range of different requirements. The literature has primarily focused on access and information flow control requirements and more recently on authentication and usage control requirements. Specifying administration and delegation policies is also an important issue, especially in the context of pervasive distributed systems. In this paper, we are investigating the new issue of modelling intrusion detection and reaction policies and study the appropriateness of using deontic logic for this purpose. We analyze how intrusion detection requirements may be specified to face known intrusions but also new intrusions. In the case of new intrusions, we suggest using the bring it aboutmodality and specifying requirements as prohibitions to bring it about that some security objectives are violated. When some intrusions occur, the security policy to be complete should specify what happens in this case. This is what we call a reaction policy. The paper shows that this part of the policy corresponds to contrary to dutyrequirements and suggests an approach based on assigning priority to activation contexts of security requirements.