A Theoretical Security Model for Access Control and Security Assurance

Author

Cheng, Bo-Chao ; Chen, Huan ; Tseng, Ryh-Yuh

Author_Institution

Nat. Chung-Cheng Univ., Minshsiung

fYear

2007

fDate

29-31 Aug. 2007

Firstpage

137

Lastpage

142

Abstract

Advanced hacker techniques make the effective defense at the network security perimeters impossible. Many security solutions are proposed by researchers and practitioners in recent years, most of them focus on how to enhance the functionality and capability of security modules, but few of them emphasize on the assurance assessments of security modules. Security assurance intends to provide a degree of confidence instead of a true measure of how secure the system is. Security assurance should be measured and controlled in the process of security management life cycle. In this paper, we propose a security model, object association binding (OAB), to unify the access control policies and to provide an objective assessment for the confidence level of network security assurance. Based on the design principles of OAB, its prototype called network security policy assistant (NSPA) is implemented.

Keywords

access control; computer networks; telecommunication security; access control; advanced hacker techniques; network security; network security policy assistant; object association binding; security assurance; Access control; Communication system security; Computer hacking; Computer security; Information security; National security; Network topology; Process control; Protection; Prototypes;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance and Security, 2007. IAS 2007. Third International Symposium on

Conference_Location

Manchester

Print_ISBN

0-7695-2876-7

Electronic_ISBN

978-0-7695-2876-2

Type

conf

DOI

10.1109/IAS.2007.55

Filename

4299764