Monitoring security policies with metric first-order temporal logic
Proceedings of the 15th ACM symposium on Access control models and technologies
Verification and enforcement of access control policies
Formal Methods in System Design
Knowledge-Based Policy Conflict Analysis in Mobile Social Networks
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
Policies provide a flexible and scalable approach to the management of distributed systems by separating the specification of security requirements and their enforcement. Over the years the expressiveness of policy languages increased considerably making it possible to capture a variety of complex requirements that for example depend on the history of the system execution. The most important criteria for the successful operation of policy-managed systems is whether the deployed enforcement mechanisms can guarantee the compliance with the policies. With the expressiveness of policy languages this assurance is increasingly difficult to achieve. In this paper we therefore address the development of enforcement mechanisms from a theoretical perspective and show how enforcement code can be formally derived for compositional, history-dependent policies that can change dynamically over time or on the occurrence of events.