Title :
A Theoretical Security Model for Access Control and Security Assurance
Author :
Cheng, Bo-Chao ; Chen, Huan ; Tseng, Ryh-Yuh
Author_Institution :
Nat. Chung-Cheng Univ., Minshsiung
Abstract :
Advanced hacker techniques make the effective defense at the network security perimeters impossible. Many security solutions are proposed by researchers and practitioners in recent years, most of them focus on how to enhance the functionality and capability of security modules, but few of them emphasize on the assurance assessments of security modules. Security assurance intends to provide a degree of confidence instead of a true measure of how secure the system is. Security assurance should be measured and controlled in the process of security management life cycle. In this paper, we propose a security model, object association binding (OAB), to unify the access control policies and to provide an objective assessment for the confidence level of network security assurance. Based on the design principles of OAB, its prototype called network security policy assistant (NSPA) is implemented.
Keywords :
access control; computer networks; telecommunication security; access control; advanced hacker techniques; network security; network security policy assistant; object association binding; security assurance; Access control; Communication system security; Computer hacking; Computer security; Information security; National security; Network topology; Process control; Protection; Prototypes;
Conference_Titel :
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location :
Manchester
Print_ISBN :
0-7695-2876-7
Electronic_ISBN :
978-0-7695-2876-2
DOI :
10.1109/IAS.2007.55
