Title :
Description and Reasoning of Security Policy in Information System Based on Security Domain
Author :
Tang, Chenghua ; Xie, Yi
Author_Institution :
Coll. of Comput. & Control, Guilin Univ. of Electron. Technol., Guilin, China
Abstract :
Security policy is the core of information system security management. In order to solve the problem of the security policy unified specification description, the classification and normative description are proposed based on the relationship between its object classes, which reflect the network information system and engineering security products and application policies, support security policy group and composite based on security domain. It can meet the high-level policy reuse, inheritance and parameterization, also support low-level formal reasoning. Result shows that the description and reasoning methods are conducive to information system and engineering security policy analysis, modeling and deployment.
Keywords :
inference mechanisms; information management; information systems; security of data; software reusability; engineering security policy analysis; engineering security products; information system security management; low-level formal reasoning; network information system; normative description; security domain; security policy reasoning; Authorization; Communication system security; Computer security; Engineering management; Information management; Information security; Information systems; Management information systems; National security; Systems engineering and theory;
Conference_Titel :
Information Engineering and Electronic Commerce (IEEC), 2010 2nd International Symposium on
Conference_Location :
Ternopil
Print_ISBN :
978-1-4244-6972-7
Electronic_ISBN :
978-1-4244-6974-1
DOI :
10.1109/IEEC.2010.5533231
