A logic-based calculus of events
New Generation Computing
SAC '97 Proceedings of the 1997 ACM symposium on Applied computing
Querying Heterogeneous Information Sources Using Source Descriptions
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Expressive policy analysis with enhanced system dynamicity
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Policy refinement: decomposition and operationalization for dynamic domains
Proceedings of the 7th International Conference on Network and Services Management
| Hi-index | 0.00 |
In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of policy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, policy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transformation rules we use are similar to those of `global-as-view' database schema mappings, or to extensions thereof. We illustrate our ideas with an example.