Consistency maintenance of modern security policies

Authors:
Bartosz Brodecki;Jerzy Brzeziński;Piotr Sasak;Michał Szychowiak
Affiliations:
Poznań University of Technology, Poznań, Poland;Poznań University of Technology, Poznań, Poland;Poznań University of Technology, Poznań, Poland;Poznań University of Technology, Poznań, Poland
Venue:
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Year:
2011

Citing 4
Cited 0

Conflicts in Policy-Based Distributed Systems Management

IEEE Transactions on Software Engineering
Fast and Scalable Conflict Detection for Packet Classifiers

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Dealing with Multi Security Policies in Communication Networks

ICNS '09 Proceedings of the 2009 Fifth International Conference on Networking and Services
Modeling and Management of Firewall Policies

IEEE Transactions on Network and Service Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Modern paradigms for building distributed systems allow an easy separation of business logic and security concerns. The latter can be efficiently managed with the use of a security policy. The security policy consists of rules controlling interactions between system components, including access restrictions, communication protection, etc. However, due to the compound structure of modern distributed systems, the policy often suffers from inconsistencies (conflicts) which gravely degrade the efficiency of policy execution. In such policies, the main difficulty of conflict discovery and resolution lies in dealing with complex rule elements (such as user roles or service groups). An universal and efficient algorithm for discovering policy conflicts is proposed and discussed.