Proceedings of the 10th International Conference on Automated Deduction
Maintaining Consistency of the Security Policy using Timestamp Ordering
ITCC '02 Proceedings of the International Conference on Information Technology: Coding and Computing
Towards a formal model for security policies specification and validation in the selinux system
Proceedings of the ninth ACM symposium on Access control models and technologies
ACM Transactions on Information and System Security (TISSEC)
Maintaining consistency of the security policy in distributed environment
PCC '02 Proceedings of the Performance, Computing, and Communications Conference, 2002. on 21st IEEE International
Hi-index | 0.00 |
Security policies are rules aimed at protecting the resources of an organisation from the risks associated with computer usage. Designing, implementing and maintaining security policies are all error prone and time consuming. We report on a tool that helps managing the security policies of an organisation. Security policies are formalised using first-order logic with equality and the unique names assumption, closely following the security policy language suggested in [1]. The tool includes a link to an automated theorem prover, Otter [2], and to a model finder, Mace [2], used to formally verify a set of formal security policies. It also includes a GUI and a number of links to read information and security policies from organisation databases and access control lists.