CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
A General Theory of Composition for a Class of "Possibilistic" Properties
IEEE Transactions on Software Engineering
Stepwise Refinement of Distributed Systems, Models, Formalisms, Correctness, REX Workshop
A general theory of security properties
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
On the Negotiation of Access Control Policies
Revised Papers from the 9th International Workshop on Security Protocols
Review and Revocation of Access Privileges Distributed with PKI Certificates
Revised Papers from the 8th International Workshop on Security Protocols
Proceedings of the 11th international conference on Security Protocols
A generic approach for security policies composition: position paper
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
| Hi-index | 0.00 |
We define the notion of the application-oriented security policy and suggest that it differs from that of a system-level, global security policy. We view a policy as a conjunction of security properties and argue that these properties are not always independent and, hence, cannot be analyzed (e.g., composed) individually. We also argue that some necessary policy properties fall outside of the Alpern-Schneider safety/liveness domain and, hence, are not subject to the Abadi-Lamport composition principle. We suggest several areas of research in policy definition, composition, and administration.