HiPoLDS: A Hierarchical Security Policy Language for Distributed Systems

Authors:
Matteo Dell'Amico;Gabriel Serme;Muhammad Sabir Idrees;Anderson Santana De Oliveira;Yves Roudier
Affiliations:
Eurecom, Sophia-Antipolis, France;SAP Research, Sophia-Antipolis, France;Eurecom, Sophia-Antipolis, France;SAP Research, Sophia-Antipolis, France;Eurecom, Sophia-Antipolis, France
Venue:
Information Security Tech. Report
Year:
2013

Citing 11
Cited 0

Protecting privacy using the decentralized label model

ACM Transactions on Software Engineering and Methodology (TOSEM)
An algebra for composing access control policies

ACM Transactions on Information and System Security (TISSEC)
The Ponder Policy Specification Language

POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Verifiable composition of access control and application features

Proceedings of the tenth ACM symposium on Access control models and technologies
Harmless advice

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Availability Enforcement by Obligations and Aspects Identification

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
A Policy Language for Adaptive Web Services Security Framework

SNPD '07 Proceedings of the Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing - Volume 01
Weaving rewrite-based access control policies

Proceedings of the 2007 ACM workshop on Formal methods in security engineering
An Operational Framework for Service Oriented Architecture Network Security

HICSS '08 Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences
ASLan++ -- a formal security specification language for distributed systems

FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
Modular access control via strategic rewriting

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Expressing security policies to govern distributed systems is a complex and error-prone task. Policies are hard to understand, often expressed with unfriendly syntax, making it difficult for security administrators and for business analysts to create intelligible specifications. We introduce the Hierarchical Policy Language for Distributed Systems (HiPoLDS), which has been designed to enable the specification of security policies in distributed systems in a concise, readable, and extensible way. HiPoLDS design focuses on decentralized execution environments under the control of multiple stakeholders. It represents policy enforcement through the use of distributed reference monitors, which control the flow of information between services. HiPoLDS allows the definition of both abstract and concrete policies, expressing respectively high-level properties required and concrete implementation details to be ultimately introduced into the service implementation.