Control principles and role hierarchies
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
An Introduction to the Theoretical Aspects of Coloured Petri Nets
A Decade of Concurrency, Reflections and Perspectives, REX School/Symposium
Role-Based Access Control
A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Implementation of a Formal Security Policy Refinement Process in WBEM Architecture
Journal of Network and Systems Management
| Hi-index | 0.00 |
Security mechanisms enforcement consists in configuring devices with the aim that they cooperate and guarantee the defined security goals. In the network context, this task is complex due to the number, the nature, and the interdependencies of the devices to consider. We propose in this article a global and formal framework which models the network security management information from the security goals to the security mechanisms configurations. The process is divided into three steps. First, the security goals are specified and the specification consistency is checked. Secondly, the network security tactics are defined. An evaluation method guarantees the consistency and the correctness against the security goals. Finally, the framework verifies that the network security tactics can be enforced by the real security mechanisms.