• DocumentCode
    3366966
  • Title

    On the Definition and Policies of Confidentiality

  • Author

    Hammer, Johs Hansen ; Schneider, Gerardo

  • Author_Institution
    NAV, Oslo
  • fYear
    2007
  • fDate
    29-31 Aug. 2007
  • Firstpage
    337
  • Lastpage
    342
  • Abstract
    In this paper we propose a more general definition of confidentiality, as an aspect of information security including information flow control. We discuss central aspects of confidentiality and their relation with norms and policies, and we introduce a language, with a deontic flavor, to express such norms and policies. Our language may be regarded as a first step towards a formal specification of security policies for confidentiality. We provide a number of examples of useful norms on confidentiality, and we discuss confidentiality policies from real scenarios.
  • Keywords
    authorisation; formal specification; formal specification; information authorisation; information confidentiality; information flow control; information security; Access control; Authorization; Automatic control; Control systems; Formal specifications; Informatics; Information security; Permission; Software performance; Writing; confidentiality; norms; policies.;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
  • Conference_Location
    Manchester
  • Print_ISBN
    0-7695-2876-7
  • Electronic_ISBN
    978-0-7695-2876-2
  • Type

    conf

  • DOI
    10.1109/IAS.2007.20
  • Filename
    4299796
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3366966