Analyzing consistency of security policies

Oakland, CA May 04-May 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601324

1997 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by L. Cholvy Articles by F. Cuppens

	ASCII Text	x
	L. Cholvy, F. Cuppens, "Analyzing consistency of security policies," Security and Privacy, IEEE Symposium on, pp. 0103, 1997 IEEE Symposium on Security and Privacy, 1997.

	BibTex	x
	@article{ 10.1109/SECPRI.1997.601324, author = {L. Cholvy and F. Cuppens}, title = {Analyzing consistency of security policies}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {1997}, issn = {1540-7993}, pages = {0103}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601324}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Analyzing consistency of security policies SN - 1540-7993 SP EP A1 - L. Cholvy, A1 - F. Cuppens, PY - 1997 KW - security of data; security policy consistency analysis; methodology; regulation; deontic formulae; problem solving; normative conflicts; roles; role priorities; formal logic; formal language VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

L. Cholvy, ONERA-CERT, Toulouse, France

F. Cuppens, ONERA-CERT, Toulouse, France

Abstract: We discuss the development of a methodology for reasoning about properties of security policies. We view a security policy as a special case of regulation which specifies what actions some agents are permitted, obliged or forbidden to perform and we formalize a policy by a set of deontic formulae. We first address the problem of checking policy consistency and describe a method for solving it. The second point we are interested in is how to query a policy to know the actual norms which apply to a given situation. In order to provide the user with consistent answers, the normative conflicts which may appear in the policy must be solved. For doing so, we suggest using the notion of roles and define priorities between roles.

Index Terms:

security of data; security policy consistency analysis; methodology; regulation; deontic formulae; problem solving; normative conflicts; roles; role priorities; formal logic; formal language

Citation:

L. Cholvy, F. Cuppens, "Analyzing consistency of security policies," sp, pp.0103, 1997 IEEE Symposium on Security and Privacy, 1997

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.