A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
On the increasing importance of constraints
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Dynamic and risk-aware network access management
Proceedings of the eighth ACM symposium on Access control models and technologies
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
Protection in flexible operating system architectures
ACM SIGOPS Operating Systems Review
Defeating Internet Attacks Using Risk Awareness and Active Honeypots
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
Firmato: A novel firewall management toolkit
ACM Transactions on Computer Systems (TOCS)
Supporting access control policies across multiple operating systems
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Alpaca: extensible authorization for distributed services
Proceedings of the 14th ACM conference on Computer and communications security
Multi-access Management in Heterogeneous Networks
Wireless Personal Communications: An International Journal
A system for visual role-based policy modelling
Journal of Visual Languages and Computing
Hi-index | 0.00 |
Security policy management is critical to meet organisational needs and reduce potential risks because almost every organisation depends on computer networks and the internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organisations grow, so do their networks - this increases the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services - primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organisations implement security policies in changing, diversity-rich environments. We also describe our ongoing work in the experimentation of Chameleos-x, where we have obtained promising results.