Goal-directed requirements acquisition
6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A Goal-based Approach to Policy Refinement
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Goal-Oriented Requirements Enginering: A Roundtrip from Research to Practice
RE '04 Proceedings of the Requirements Engineering Conference, 12th IEEE International
A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
A security management information model derivation framework: from goals to configurations
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Model-Driven security policy deployment: property oriented approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Hi-index | 0.00 |
Security mechanisms enforcement consists in configuring devices with the aim that they cooperate and guarantee the defined security goals. In the network context, this task is complex due to the number, the nature, and the interdependencies of the devices to consider.In previous papers, we have proposed a formal framework that focuses on network security information management refinement. The framework includes three abstraction levels: the network security objectives, the network security tactics, and the network security device configurations. The information models of each abstraction level (consistency, correctness and feasibility) are formally specified and analyzed.In this paper we present the integration of this formal refinement process in the WBEM initiative in order to provide a management infrastructure that guarantees the validity of the deployed security configurations.