مرکز منطقه ای اطلاع رساني علوم و فناوري - Security policy specification templates for critical infrastructure services in the cloud

DocumentCode :

113408

Title :

Security policy specification templates for critical infrastructure services in the cloud

Author :

Rudolph, Manuel ; Schwarz, Reinhard ; Jung, Christian

Author_Institution :

Fraunhofer IESE, Kaiserslautern, Germany

fYear :

2014

fDate :

8-10 Dec. 2014

Firstpage :

Lastpage :

Abstract :

Security policies are an established way for specifying security demands. However, stakeholders are hardly capable of specifying complex machine-readable security policies. Therefore, a user-friendly specification method is necessary, such as refineable natural-language security policy templates. This paper describes how a security expert can elicit security demands from various stakeholders and generalize them as security policy templates. By simply instantiating these templates, policy authors can easily specify their security demands. An examplary application in the context of cloud computing for critical infrastructure IT services is shown.

Keywords :

cloud computing; critical infrastructures; security of data; cloud computing; complex machine-readable security policies; critical infrastructure IT services; refineable natural-language security policy templates; security demands; security policy specification templates; user-friendly specification method; Cloud computing; Geology; Law; Natural languages; Security; Standards;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Internet Technology and Secured Transactions (ICITST), 2014 9th International Conference for

Conference_Location :

London

Type :

conf

DOI :

10.1109/ICITST.2014.7038776

Filename :

7038776

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=113408