A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Towards a Multi-dimensional Characterization of Dissemination Control
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Verified enforcement of stateful information release policies
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Tactical cross-domain solutions: current status and the need for change
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Exploiting node mobility for coordinating data usage in crisis scenarios
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
| Hi-index | 0.00 |
In this paper, we first present the design of the Cross-Domain Language (CDL), the first attempt to date to design a high-level end-user language for the specification of cross-domain information-release policies. We then discuss our experiences and lessons learned in implementing CDL policies on lower-level general-purpose language frameworks such as Ponder2 and highlight future directions for language design. CDL addresses the need for a high level, understandable and interoperable language targeted at policy management staff such as dissemination and release officers, security officers etc., as opposed to software developers. The ease of policy specification in CDL comes from the fact that policies are centered on the ontologies and metaphors of cross-domain information release. Combining this with the mature and time-tested features offered by general-purpose policy specification and execution environments such as Ponder2 will allow for the rapid prototyping of interoperable and efficient cross-domain solutions.