Miro: Visual Specification of Security
IEEE Transactions on Software Engineering
Goal-directed requirements acquisition
6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
A formal process for testing the consistency of composed security policies
A formal process for testing the consistency of composed security policies
Domains: a framework for structuring management policy
Network and distributed systems management
MERLIN: supporting cooperation in software development through a knowledge-based environment
Software process modelling and technology
PADM: towards a total process modelling system
Software process modelling and technology
On the characterization of law and computer systems: the normative systems perspective
Deontic logic in computer science
Distributed search and conflict management among reusable heterogeneous agents
Distributed search and conflict management among reusable heterogeneous agents
Role-Based Access Control Models
Computer
A meta-model for restructuring stakeholder requirements
ICSE '97 Proceedings of the 19th international conference on Software engineering
On formal requirements modeling languages: RML revisited
ICSE '94 Proceedings of the 16th international conference on Software engineering
Law-governed regularities in object systems. Part 2: a concrete implementation
Theory and Practice of Object Systems
NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
Managing Conflicts in Goal-Driven Requirements Engineering
IEEE Transactions on Software Engineering
Ensuring integrity by adding obligations to privileges
ICSE '85 Proceedings of the 8th international conference on Software engineering
Towards A Role-Based Framework for DistributedSystems Management
Journal of Network and Systems Management
Representing and Using Nonfunctional Requirements: A Process-Oriented Approach
IEEE Transactions on Software Engineering - Special issue on knowledge representation and reasoning in software development
A Policy Based Role Object Model
EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
Use of an Experimental Policy Workbench: Description and Preliminary Results
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Goal-directed elaboration of requirements for a meeting scheduler: problems and lessons learnt
RE '95 Proceedings of the Second IEEE International Symposium on Requirements Engineering
Towards Modeling and Reasoning Support for Early-Phase Requirements Engineering
RE '97 Proceedings of the 3rd IEEE International Symposium on Requirements Engineering
On the Use of a Formal R.E. Language - The Generalized Railroad Crossing Problem
RE '97 Proceedings of the 3rd IEEE International Symposium on Requirements Engineering
Management Policy Service for Distributed Systems
SDNE '96 Proceedings of the 3rd Workshop on Services in Distributed and Networked Environments (SDNE '96)
Policy Definition Language for Automated Management of Distributed Systems
SMW '96 Proceedings of the 2nd IEEE International Workshop on Systems Management (SMW'96)
A Security Framework Supporting Domain Based Access Control in Distributed Systems
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Building reconfiguration primitives into the law of a system
ICCDS '96 Proceedings of the 3rd International Conference on Configurable Distributed Systems
ACME/PRIME: Requirements Acquisition for Process-Driven Systems
IWSSD '96 Proceedings of the 8th International Workshop on Software Specification and Design
Logical Tools for Modelling Legal Argument: A Study of Defeasible Reasoning in Law
Logical Tools for Modelling Legal Argument: A Study of Defeasible Reasoning in Law
Integrated constraints and inheritance in DTAC
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
2nd international workshop on living with inconsistency
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
Proceedings of the 1st international conference on Knowledge capture
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
2nd international workshop on living with inconsistency (IWLWI01)
ACM SIGSOFT Software Engineering Notes
Towards Formal Modeling of e-Contracts
EDOC '01 Proceedings of the 5th IEEE International Conference on Enterprise Distributed Object Computing
Use of Logic to Describe Enhanced Communications Services
FORTE '02 Proceedings of the 22nd IFIP WG 6.1 International Conference Houston on Formal Techniques for Networked and Distributed Systems
A Specification Language for Distributed Policy Control
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Policy-Based Intrusion Detection and Automated Response Mechanism
ICOIN '02 Revised Papers from the International Conference on Information Networking, Wireless Communications Technologies and Network Applications-Part II
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Translating Role-Based Access Control Policy within Context
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Author Obliged to Submit Paper before 4 July: Policies in an Enterprise Specification
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Unifying Petri Nets, Advances in Petri Nets
CIA '02 Proceedings of the 6th International Workshop on Cooperative Information Agents VI
Policy-Driven Binding to Information Resources in Mobility-Enabled Scenarios
MDM '03 Proceedings of the 4th International Conference on Mobile Data Management
A Policy Language for the Management of Distributed Agents
AOSE '01 Revised Papers and Invited Contributions from the Second International Workshop on Agent-Oriented Software Engineering II
Access control and trust in the use of widely distributed services
Software—Practice & Experience - Special issue: Middleware
ICSM '01 Proceedings of the IEEE International Conference on Software Maintenance (ICSM'01)
Representation and reasoning for DAML-based policy and domain services in KAoS and nomads
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Meta-Policies for Distributed Role-Based Access Control Systems
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
PoP -- An Automated Policy Replacement Architecture for PBNM
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
An Adaptive Policy Based Management Framework for Differentiated Services Networks
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Policy Driven Data Administration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Rule-Based Building-Block Architectures for Policy-Based Networking
Journal of Network and Systems Management
An Adaptive Policy-Based Framework for Network Services Management
Journal of Network and Systems Management
A propositional logic for access control policy in distributed systems
Artificial intelligence and security in computing systems
A model-based approach to integrating security policies for embedded devices
Proceedings of the 4th ACM international conference on Embedded software
Self-aware management of IP networks with QoS guarantees
International Journal of Network Management
Authorization and Privacy for Semantic Web Services
IEEE Intelligent Systems
Feature interaction in policies
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Directions in feature interaction research
Middleware for User Controlled Environments
PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Modality conflicts in semantics aware access control
ICWE '06 Proceedings of the 6th international conference on Web engineering
Human-centric network security management: a comprehensive helper
WMASH '06 Proceedings of the 4th international workshop on Wireless mobile applications and services on WLAN hotspots
Defeasible security policy composition for web services
Proceedings of the fourth ACM workshop on Formal methods in security
Modeling conversation policies using permissions and obligations
Autonomous Agents and Multi-Agent Systems
Policies and conflicts in call control
Computer Networks: The International Journal of Computer and Telecommunications Networking
Towards a context-based multi-type policy approach for Web services composition
Data & Knowledge Engineering
X-FEDERATE: A Policy Engineering Framework for Federated Access Management
IEEE Transactions on Software Engineering
Resource management for global public computing: many policies are better than (n)one
WORLDS'06 Proceedings of the 3rd conference on USENIX Workshop on Real, Large Distributed Systems - Volume 3
An approach to evaluate policy similarity
Proceedings of the 12th ACM symposium on Access control models and technologies
Role-based Architectural Modelling of Socio-Technical Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Using semi-formal methods for detecting interactions among smart homes policies
Science of Computer Programming
A survey of autonomic computing—degrees, models, and applications
ACM Computing Surveys (CSUR)
Composing software services in the pervasive computing environment: Languages or APIs?
Pervasive and Mobile Computing
The policy continuum-Policy authoring and conflict analysis
Computer Communications
Harnessing Models for Policy Conflict Analysis
AIMS '07 Proceedings of the 1st international conference on Autonomous Infrastructure, Management and Security: Inter-Domain Management
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
Dynamic Consistency Analysis for Convergent Operators
AIMS '08 Proceedings of the 2nd international conference on Autonomous Infrastructure, Management and Security: Resilient Networks and Services
Flexible Resolution of Authorisation Conflicts in Distributed Systems
DSOM '08 Proceedings of the 19th IFIP/IEEE international workshop on Distributed Systems: Operations and Management: Managing Large-Scale Service Deployment
Compositional Refinement of Policies in UML --- Exemplified for Access Control
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Logic-based Conflict Detection for Distributed Policies
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
A new architecture for performance-based policy management in heterogeneous wireless networks
Mobility '08 Proceedings of the International Conference on Mobile Technology, Applications, and Systems
Policy-constrained bio-inspired processes for autonomic route management
Computer Networks: The International Journal of Computer and Telecommunications Networking
Combining Virtual Organization and Local Policies for Automated Configuration of Grid Services
Proceedings of the 2005 conference on Self-Organization and Autonomic Informatics (I)
Secure Interoperation in Multidomain Environments Employing UCON Policies
ISC '09 Proceedings of the 12th International Conference on Information Security
The OPL Access Control Policy Language
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Handling inheritance violation for secure interoperation of heterogeneous systems
International Journal of Security and Networks
Policy Analysis and Verification by Graph Transformation Tools
Electronic Notes in Theoretical Computer Science (ENTCS)
Dynamic security framework for mobile agent systems: specification, verification and enforcement
International Journal of Information and Computer Security
A policy-based conflict detection model for billing rules
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
Towards automated security policy enforcement in multi-tenant virtual data centers
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
An attribute-based authorization policy framework with dynamic conflict resolution
Proceedings of the 9th Symposium on Identity and Trust on the Internet
A multi-agent system for E-insurance brokering
NODe'02 Proceedings of the NODe 2002 agent-related conference on Agent technologies, infrastructures, tools, and applications for E-services
A service-oriented trust management framework
AAMAS'02 Proceedings of the 2002 international conference on Trust, reputation, and security: theories and practice
Dynamic conflict detection and resolution in a human-centered ubiquitous environment
UAHCI'07 Proceedings of the 4th international conference on Universal access in human-computer interaction: ambient interaction
Applying data mining techniques to analyze alert data
APWeb'03 Proceedings of the 5th Asia-Pacific web conference on Web technologies and applications
Logic-based detection of conflicts in APPEL policies
FSEN'07 Proceedings of the 2007 international conference on Fundamentals of software engineering
Managing concern interactions in middleware
DAIS'07 Proceedings of the 7th IFIP WG 6.1 international conference on Distributed applications and interoperable systems
Autonomic policy adaptation using decentralized online clustering
Proceedings of the 7th international conference on Autonomic computing
A model of triangulating environments for policy authoring
Proceedings of the 15th ACM symposium on Access control models and technologies
Data protection models for service provisioning in the cloud
Proceedings of the 15th ACM symposium on Access control models and technologies
Visualization for access control policy analysis results using multi-level grids
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Access control policies for semantic networks
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Formalization and management of group obligations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
ANGLE: An autonomous, normative and guidable agent with changing knowledge
Information Sciences: an International Journal
Semantic-based authorization architecture for Grid
Future Generation Computer Systems
Privacy-preserving similarity measurement for access control policies
Proceedings of the 6th ACM workshop on Digital identity management
Editorial: Detection of semantic conflicts in ontology and rule-based information systems
Data & Knowledge Engineering
A cautionary note about policy conflict resolution
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
OWL-POLAR: semantic policies for agent reasoning
ISWC'10 Proceedings of the 9th international semantic web conference on The semantic web - Volume Part I
Normative conflicts in electronic contracts
Electronic Commerce Research and Applications
Anomaly discovery and resolution in web access control policies
Proceedings of the 16th ACM symposium on Access control models and technologies
A study on hierarchical policy model for managing heterogeneous security systems
ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part IV
Modality conflict discovery for SOA security policies
APPT'11 Proceedings of the 9th international conference on Advanced parallel processing technologies
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
Policy-Based route optimization for network mobility of next generation wireless networks
ADHOC-NOW'06 Proceedings of the 5th international conference on Ad-Hoc, Mobile, and Wireless Networks
Defining and measuring policy coverage in testing access control policies
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
A static analysis using tree automata for XML access control
ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
A generic policy-conflict handling model
ISCIS'05 Proceedings of the 20th international conference on Computer and Information Sciences
Towards a task-oriented, policy-driven business requirements specification for web services
BPM'06 Proceedings of the 4th international conference on Business Process Management
Considering privacy and effectiveness of authorization policies for shared electronic health records
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
An architecture for autonomic management of ambient networks
AN'06 Proceedings of the First IFIP TC6 international conference on Autonomic Networking
Managing policies for dynamic spectrum access
AN'06 Proceedings of the First IFIP TC6 international conference on Autonomic Networking
Modeling communicative behavior using permissions and obligations
AC'04 Proceedings of the 2004 international conference on Agent Communication
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Semantic-Based policy engineering for autonomic systems
WAC'04 Proceedings of the First international IFIP conference on Autonomic Communication
OWL-POLAR: A framework for semantic policy representation and reasoning
Web Semantics: Science, Services and Agents on the World Wide Web
A probabilistic heuristic for conflict detection in policy based management of diffserv networks
MATA'05 Proceedings of the Second international conference on Mobility Aware Technologies and Applications
A framework for policy driven auto-adaptive systems using dynamic framed aspects
Transactions on Aspect-Oriented Software Development II
Generic policy conflict handling using a priori models
DSOM'05 Proceedings of the 16th IFIP/IEEE Ambient Networks international conference on Distributed Systems: operations and Management
Collaborations, mergers, acquisitions, and security policy conflict analysis
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
EPAL based privacy enforcement using ECA rules
ICISS'05 Proceedings of the First international conference on Information Systems Security
Non-intrusive policy optimization for dependable and adaptive service-oriented systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Consistency maintenance of modern security policies
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Logic-based Conflict Detection for Distributed Policies
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
Network-level access control policy analysis and transformation
IEEE/ACM Transactions on Networking (TON)
Secure interoperation design in multi-domains environments based on colored Petri nets
Information Sciences: an International Journal
International Journal of Systems and Service-Oriented Engineering
On the notion of redundancy in access control policies
Proceedings of the 18th ACM symposium on Access control models and technologies
Policy conflicts in home automation
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
A fuzzy, utility-based approach for proactive policy-based management
RuleML'13 Proceedings of the 7th international conference on Theory, Practice, and Applications of Rules on the Web
Using AOP-based enforcement of prioritised XACML policies for location privacy
International Journal of Internet Technology and Secured Transactions
Verification and enforcement of access control policies
Formal Methods in System Design
| Hi-index | 0.00 |
Modern distributed systems contain a large number of objects and must be capable of evolving, without shutting down the complete system, to cater for changing requirements. There is a need for distributed, automated management agents whose behavior also has to dynamically change to reflect the evolution of the system being managed. Policies are a means of specifying and influencing management behavior within a distributed system, without coding the behavior into the manager agents. Our approach is aimed at specifying implementable policies, although policies may be initially specified at the organizational level (c.f. goals) and then refined to implementable actions. We are concerned with two types of policies. Authorization policies specify what activities a manager is permitted or forbidden to do to a set of target objects and are similar to security access-control policies. Obligation policies specify what activities a manager must or must not do to a set of target objects and essentially define the duties of a manager. Conflicts can arise in the set of policies. For example, an obligation policy may define an activity which is forbidden by a negative authorization policy; there may be two authorization policies which permit and forbid an activity or two policies permitting the same manager to sign checks and approve payments may conflict with an external principle of separation of duties. Conflicts may also arise during the refinement process between the high-level goals and the implementable policies. The system may have to cater for conflicts such as exceptions to normal authorization policies. This paper reviews policy conflicts, focusing on the problems of conflict detection and resolution. We discuss the various precedence relationships that can be established between policies in order to allow inconsistent policies to coexist within the system and present a conflict analysis tool which forms part of a role-based management framework. Software development and medical environments are used as example scenarios in the paper.