• DocumentCode
    113408
  • Title

    Security policy specification templates for critical infrastructure services in the cloud

  • Author

    Rudolph, Manuel ; Schwarz, Reinhard ; Jung, Christian

  • Author_Institution
    Fraunhofer IESE, Kaiserslautern, Germany
  • fYear
    2014
  • fDate
    8-10 Dec. 2014
  • Firstpage
    61
  • Lastpage
    66
  • Abstract
    Security policies are an established way for specifying security demands. However, stakeholders are hardly capable of specifying complex machine-readable security policies. Therefore, a user-friendly specification method is necessary, such as refineable natural-language security policy templates. This paper describes how a security expert can elicit security demands from various stakeholders and generalize them as security policy templates. By simply instantiating these templates, policy authors can easily specify their security demands. An examplary application in the context of cloud computing for critical infrastructure IT services is shown.
  • Keywords
    cloud computing; critical infrastructures; security of data; cloud computing; complex machine-readable security policies; critical infrastructure IT services; refineable natural-language security policy templates; security demands; security policy specification templates; user-friendly specification method; Cloud computing; Geology; Law; Natural languages; Security; Standards;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Internet Technology and Secured Transactions (ICITST), 2014 9th International Conference for
  • Conference_Location
    London
  • Type

    conf

  • DOI
    10.1109/ICITST.2014.7038776
  • Filename
    7038776
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=113408