The Z notation: a reference manual
The Z notation: a reference manual
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
ZUM '97 Proceedings of the 10th International Conference of Z Users on The Z Formal Specification Notation
Policy-Based Access Control Framework for Large Networks
ICON '00 Proceedings of the 8th IEEE International Conference on Networks
Filtering postures: local enforcement for global policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Compiling Policy Descriptions into Reconfigurable Firewall Processors
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Firmato: A novel firewall management toolkit
ACM Transactions on Computer Systems (TOCS)
Policy Modeling and Refinement for Network Security Systems
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
| Hi-index | 0.00 |
This work presents a new policy based security framework that is able handle simultaneously and coherently mandatory, discretionary and security property policies. One important aspect of the proposed framework is that each dimension of the security policies can be managed independently, allowing people playing different roles in an organization to define security policies without violating a global security goal. The framework creates an abstract layer that permits to define security policies independently of how they will be enforced. For example, the mandatory and security property polices could be assigned to the risk management staff while the discretionary policies could be delegated among the several departments in the organization.