AAAI '99/IAAI '99 Proceedings of the sixteenth national conference on Artificial intelligence and the eleventh Innovative applications of artificial intelligence conference innovative applications of artificial intelligence
A lightweight approach to specification and analysis of role-based access control extensions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Tower: A Language for Role Based Access Control
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Using Alloy and UML/OCL to Specify Run-Time Configuration Management: A Case Study
Workshop of the pUML-Group held together with the «UML»2001 on Practical UML-Based Rigorous Development Methods - Countering or Integrating the eXtremists
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Automating commutativity analysis at the design level
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Policy Technologies for Self-Managing Systems
Policy Technologies for Self-Managing Systems
Official (ISC)2 Guide to the CISSP CBK
Official (ISC)2 Guide to the CISSP CBK
Verification of UML-Based security policy model
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
Collaborations, mergers, acquisitions, and security policy conflict analysis
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Policy-based management of networked computing systems
IEEE Communications Magazine
Network policy languages: a survey and a new approach
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
Information system security policies have grown in complexity and the emerging collaborative nature of business has created new challenges in creating and managing such policies. These policies address several domains ranging from access control to disaster recovery and depend not only on the business itself but on socio-political/legal requirements as well. Events like collaborative work or project-based organisational units result in the need to create a new information system security policy for the specific work/project, while maintaining status quo of existing policies. This requires identification and evaluation of existing policies to enable creating the new policy in line with the existing ones with acceptable deviations based on informed decisions. This paper provides a framework for capturing and converting security policies in terms of an XML format and further into alloy language format. Policies are converted to alloy format for performing further policy consistency analysis using Alloy Analyser.