Title :
Network System Model-Based Multi-level Policy Generation and Representation
Author :
Bei, Wu ; Xing-yuan, Chen ; Yong-liang, Wang ; Xiang-dong, Dai ; Jun, Peng
Author_Institution :
Inst. of Electron. Technol., Inf. Eng. Univ., Zhengzhou
Abstract :
Device and technology oriented policy making excessively depends on the knowledge and experiences of managers, but ignores the requirements and effects of the application environment. So the policy making is incomplete and liable to make mistakes. To solve the problem, hierarchy network security system model is designed. Policy making and representation methods are proposed based on the system modeling, which make the policy making is not limited to a single device and the only one security function. Upon the method, the policy auto making is implemented, and the policy correctness and integrity are insured, which decrease the burden of the manager and the possibilities of mistaking. According to the refinement of the policy basic attributes, multi-level policy representation described in BNF (Backus-Naur Form) form is promoted, which makes policy representation friendlier and more operable.
Keywords :
computer network management; security of data; Backus-Naur Form; application environment; device oriented policy making; hierarchy network security system model; multilevel policy generation; multilevel policy representation; network system model; policy attribute refinement; policy correctness; policy integrity; security function; technology oriented policy making; Access control; Authorization; Computer science; Control systems; Environmental management; Knowledge engineering; Knowledge management; Security; Software engineering; Technology management; BNF; network system model; policy generation; policy refinemnet; policy representation;
Conference_Titel :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.1260
