• DocumentCode
    2509787
  • Title

    Security engineering of lattice-based policies

  • Author

    Bryce, Ciarán

  • Author_Institution
    GMD-German Nat. Res. Center for Inf. Technol., Sankt Augustin, Germany
  • fYear
    1997
  • fDate
    10-12 Jun 1997
  • Firstpage
    195
  • Lastpage
    207
  • Abstract
    Describes an algebraic approach to the security engineering of lattice policies. The approach has two main goals. First, it seeks to model access control policies with anti-symmetry, reflexivity and transitivity exceptions using a lattice, and to propose an information flow security definition for the resulting set of policies (POL). Second, it supports a constructive approach to policy specification through an algebraic structure (POL, AND, OR, NOT, ≡, ⩽). This structure is homomorphic to Boolean algebra. The approach´s goals and design decisions are influenced by the context in which it is being used: a library of reusable security components with tools to facilitate their reuse for securing application systems
  • Keywords
    Boolean algebra; algebraic specification; authorisation; security of data; software libraries; software reusability; Boolean algebra; access control policies; algebraic structure; anti-symmetry exceptions; application systems; constructive approach; homomorphism; information flow security definition; lattice-based policies; policy specification; reflexivity exceptions; reusable security component library; security engineering; transitivity exceptions; Access control; Boolean algebra; Communication system security; Curing; Information security; Information technology; Lattices; Libraries; Monitoring; National security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Workshop, 1997. Proceedings., 10th
  • Conference_Location
    Rockport, MA
  • ISSN
    1063-6900
  • Print_ISBN
    0-8186-7990-5
  • Type

    conf

  • DOI
    10.1109/CSFW.1997.596813
  • Filename
    596813