• DocumentCode
    1473588
  • Title

    A Matter of Policy

  • Author

    Ferraiolo, David ; Voas, Jeffrey ; Hurlburt, George F.

  • Author_Institution
    US National Institute of Standards and Technology
  • Volume
    14
  • Issue
    2
  • fYear
    2012
  • Firstpage
    4
  • Lastpage
    7
  • Abstract
    To many, system policy is a statement posted on a website indicating intention to protect personal data. In reality, policy is much broader, and its enforcement far more consequential. What if policy-derived rule sets could be rigorously defined and automated for software-intensive systems? Imagine a "policy machine" that allows codification of arbitrary rules stemming from policy to create executable code. Such a tool exists today at the US National Institute of Standards and Technology. The NIST Policy Machine offers a new technology in enforcing the important role of policy in systems design, evolution, management, and policy enforcement.
  • Keywords
    Access control; Contracts; Electronic mail; NIST; System policy; policy enforcement;
  • fLanguage
    English
  • Journal_Title
    IT Professional
  • Publisher
    ieee
  • ISSN
    1520-9202
  • Type

    jour

  • DOI
    10.1109/MITP.2012.30
  • Filename
    6171959
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1473588