Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
Which operating system access control technique will provide the greatest overall benefit to users?
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
The Art and Science of Computer Security
The Art and Science of Computer Security
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
The cost of non-compliance: when policies fail
SIGUCCS '04 Proceedings of the 32nd annual ACM SIGUCCS conference on User services
SELinux: NSA's Open Source Security Enhanced Linux
SELinux: NSA's Open Source Security Enhanced Linux
An Ontology-based Approach to the Formalization of Information Security Policies
EDOCW '06 Proceedings of the 10th IEEE on International Enterprise Distributed Object Computing Conference Workshops
Computer Networks: The International Journal of Computer and Telecommunications Networking
A logical specification and analysis for SELinux MLS policy
Proceedings of the 12th ACM symposium on Access control models and technologies
Information Security Policy Architecture
ICCIMA '07 Proceedings of the International Conference on Computational Intelligence and Multimedia Applications (ICCIMA 2007) - Volume 04
| Hi-index | 0.00 |
On an information system, a security policy specifies constraints on resources accessed by processes and information flow among them, and also constraints on external access by outsiders. In order to enforce an information security policy, system administrators face two main problems: First, security policy is often stated informally, leading to ambiguity, inconsistency and incompleteness, and in second place, security policy constraints must be translated on several low level specifications such as operating system access control rules, firewall filtering rules, etc. Is a difficult task to verify if those low level specifications actually enforce the security policy. In this paper we present an information security specification based on process calculus which could be translated to low level specifications.