Title :
Administration in a multiple policy/domain environment: the administration and melding of disparate policies
Author :
Ford, William R.
Author_Institution :
William Ford Consulting, Billerica, MA, USA
Abstract :
New standards for trusted systems propose multiple security policies and multiple policy domains. My experience with building a multi-policy machine prototype illustrated that multiple policy domains and complex policies push current policy administration techniques, tools and user interfaces beyond their limits. This paper proposes a holistic approach to policy administration, consisting of human-intuitive user interfaces for defining policies, a policy base (a knowledge base focused on the rules and data required to describe the policies to be administered and acted on) for storing them, and intelligent tool programs that allow the administrator to anticipate the impact of policy changes and interactions
Keywords :
DP management; knowledge based systems; security of data; user interfaces; utility programs; disparate policy administration techniques; holistic approach; human-intuitive user interfaces; intelligent tool programs; knowledge base; multi-policy machine prototype; multiple policy/domain environment; multiple security policies; policy base; policy change impact; policy interactions; security policy definition; standards; trusted systems; Computer interfaces; Computer security; Humans; Knowledge management; Prototypes; Software development management; Software maintenance; Software safety; Software tools; User interfaces;
Conference_Titel :
New Security Paradigms Workshop, 1995. Proceedings
Conference_Location :
La Jolla, CA
Print_ISBN :
0-8186-7318-4
DOI :
10.1109/NSPW.1995.492343
