Practical policy patterns

Authors:
Dan Thomsen
Affiliations:
Independent Consultant, Minneapolis, MN, USA
Venue:
Proceedings of the first ACM conference on Data and application security and privacy
Year:
2011

Citing 12
Cited 0

Design patterns: elements of reusable object-oriented software

Design patterns: elements of reusable object-oriented software
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Napoleon: network application policy environment

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A note on the confinement problem

Communications of the ACM
A scenario-driven role engineering process for functional RBAC roles

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Role-Based Access Control Framework for Network Enterprises

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Napoleon: A Recipe for Workflow

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Engineering of Role/Permission Assignments

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Security Patterns: Integrating Security and Systems Engineering

Security Patterns: Integrating Security and Systems Engineering
Patterns in Security Enforcement Policy Development

DEXA '07 Proceedings of the 18th International Conference on Database and Expert Systems Applications
Patterns and Pattern Diagrams for Access Control

TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business

Quantified Score

Hi-index	0.00

Visualization

Abstract

The paper attempts to encourage deeper thinking about the nature of security enforcement policies with the intent of fostering a practical engineering design approach for building security enforcement policy. The paper suggests several approaches to lower the cost of developing security enforcement policies by developing technology to share enforcement policies like open source software, including patterns, isolation of site specific policy and tools to increase the ability of humans to understand the implemented policy. The paper also suggests research avenues for increasing human understanding of enforcement policy.