Title :
Security engineering of lattice-based policies
Author_Institution :
GMD-German Nat. Res. Center for Inf. Technol., Sankt Augustin, Germany
Abstract :
Describes an algebraic approach to the security engineering of lattice policies. The approach has two main goals. First, it seeks to model access control policies with anti-symmetry, reflexivity and transitivity exceptions using a lattice, and to propose an information flow security definition for the resulting set of policies (POL). Second, it supports a constructive approach to policy specification through an algebraic structure (POL, AND, OR, NOT, ≡, ⩽). This structure is homomorphic to Boolean algebra. The approach´s goals and design decisions are influenced by the context in which it is being used: a library of reusable security components with tools to facilitate their reuse for securing application systems
Keywords :
Boolean algebra; algebraic specification; authorisation; security of data; software libraries; software reusability; Boolean algebra; access control policies; algebraic structure; anti-symmetry exceptions; application systems; constructive approach; homomorphism; information flow security definition; lattice-based policies; policy specification; reflexivity exceptions; reusable security component library; security engineering; transitivity exceptions; Access control; Boolean algebra; Communication system security; Curing; Information security; Information technology; Lattices; Libraries; Monitoring; National security;
Conference_Titel :
Computer Security Foundations Workshop, 1997. Proceedings., 10th
Conference_Location :
Rockport, MA
Print_ISBN :
0-8186-7990-5
DOI :
10.1109/CSFW.1997.596813
