Implementation of a Formal Security Policy Refinement Process in WBEM Architecture

Authors:
Romain Laborde;Michel Kamel;François Barrère;Abdelmalek Benzekri
Affiliations:
Université Paul Sabatier - IRIT/SIERA, Toulouse Cedex04, France F31062 and Computing Laboratory, University of Kent, Canterbury, UK CT2 7NZ;Université Paul Sabatier - IRIT/SIERA, Toulouse Cedex04, France F31062;Université Paul Sabatier - IRIT/SIERA, Toulouse Cedex04, France F31062;Université Paul Sabatier - IRIT/SIERA, Toulouse Cedex04, France F31062
Venue:
Journal of Network and Systems Management
Year:
2007

Citing 6
Cited 1

Goal-directed requirements acquisition

6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A Goal-based Approach to Policy Refinement

POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Goal-Oriented Requirements Enginering: A Roundtrip from Research to Practice

RE '04 Proceedings of the Requirements Engineering Conference, 12th IEEE International
A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies

Electronic Notes in Theoretical Computer Science (ENTCS)
A security management information model derivation framework: from goals to configurations

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust

Model-Driven security policy deployment: property oriented approach

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security mechanisms enforcement consists in configuring devices with the aim that they cooperate and guarantee the defined security goals. In the network context, this task is complex due to the number, the nature, and the interdependencies of the devices to consider.In previous papers, we have proposed a formal framework that focuses on network security information management refinement. The framework includes three abstraction levels: the network security objectives, the network security tactics, and the network security device configurations. The information models of each abstraction level (consistency, correctness and feasibility) are formally specified and analyzed.In this paper we present the integration of this formal refinement process in the WBEM initiative in order to provide a management infrastructure that guarantees the validity of the deployed security configurations.