Title :
Experimenting with security policy
Author :
Smith, Richard E.
Abstract :
This paper reviews the role of experimentation when assessing the practical properties of security policy tools and mechanisms, particularly those properties relevant to military environments. While security policy has long provided a rich area for information security research, the fruits of this research have not always provided major benefits in practice. In hopes of addressing this problem, the DARPA Information Assurance program has sought to experiment with practical aspects of security policy. This paper examines two areas of policy experimentation and lessons learned by such efforts. The areas include mapping policy to real world problems, and making preplanned policy changes in response to changes in the defense “information condition” or INFOCON
Keywords :
military computing; security of data; DARPA Information Assurance program; INFOCON; data security policy; experimentation; information condition; military environments; Delay; Electronic mail; Information security; Mechanical factors; Military computing; Performance evaluation; Proposals;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932200
