Security Policy Reconciliation in Distributed Computing Environments

Yorktown Heights, New York June 07-June 09

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/POLICY.2004.1309160

Fifth IEEE International Workshop on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Hao Wang Articles by Somesh Jha Articles by Miron Livny Articles by Patrick D. McDaniel

	ASCII Text	x
	Hao Wang, Somesh Jha, Miron Livny, Patrick D. McDaniel, "Security Policy Reconciliation in Distributed Computing Environments," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 137, Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04), 2004.

	BibTex	x
	@article{ 10.1109/POLICY.2004.1309160, author = {Hao Wang and Somesh Jha and Miron Livny and Patrick D. McDaniel}, title = {Security Policy Reconciliation in Distributed Computing Environments}, journal ={Policies for Distributed Systems and Networks, IEEE International Workshop on}, volume = {0}, year = {2004}, isbn = {0-7695-2141-X}, pages = {137}, doi = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2004.1309160}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Policies for Distributed Systems and Networks, IEEE International Workshop on TI - Security Policy Reconciliation in Distributed Computing Environments SN - 0-7695-2141-X SP EP A1 - Hao Wang, A1 - Somesh Jha, A1 - Miron Livny, A1 - Patrick D. McDaniel, PY - 2004 KW - null VL - 0 JA - Policies for Distributed Systems and Networks, IEEE International Workshop on ER -

Hao Wang, University of Wisconsin, Madison, WI

Somesh Jha, University of Wisconsin, Madison, WI

Miron Livny, University of Wisconsin, Madison, WI

Patrick D. McDaniel, AT&T Labs-Research, Florham Park, NJ

A major hurdle in sharing resources between organizations is heterogeneity. Therefore, in order for two organizations to collaborate their policies have to be resolved. The process of resolving different policies is known as policy reconciliation, which in general is an intractable problem. This paper addresses policy reconciliation in the context of security. We present a formal framework and hierarchical representation for security policies. Our hierarchical representation exposes the structure of the policies and leads to an efficient reconciliation algorithm. We also demonstrate that agent preferences for security mechanisms can be readily incorporated into our framework. We have implemented our reconciliation algorithm in a library called the Policy Reconciliation Engine or PRE. In order to test the implementation and measure the overhead of our reconciliation algorithm, we have integrated PRE into a distributed high-throughput system called Condor.

Citation:

Hao Wang, Somesh Jha, Miron Livny, Patrick D. McDaniel, "Security Policy Reconciliation in Distributed Computing Environments," policy, pp.137, Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.