Security checker architecture for policy-based security management

Authors:
Artem Tishkov;Igor Kotenko;Ekaterina Sidelnikova
Affiliations:
SPIIRAS, St.-Petersburg, Russia;SPIIRAS, St.-Petersburg, Russia;SPIIRAS, St.-Petersburg, Russia
Venue:
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Year:
2005

Citing 3
Cited 1

A logic-based calculus of events

New Generation Computing
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
A Logical Language for Expressing Authorizations

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy

Enforcement of integrated security policy in trusted operating systems

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Policy-based management systems are now the object of steadfast attention in network security theory and applications. Due to a complex structure of subject role hierarchies, target grouping, and action mutual dependence the security policy conflicts are complicated to detect and resolve. Moreover, an initially consistent policy ruleset may lead to inconsistent or unenforceable rules during the system lifecycle. The paper presents the architecture of Security Checker module (intended for disclosure and resolution of policy conflicts) and illustrates conflict detection based on event calculus.