Checking Security Policy Compliance

Details Checking Security Policy Compliance Checking Security Policy Compliance

2008-09-30

arxiv.org/abs/0809.5266v1

Computer Science

Cryptography and Security

23 pages; submitted to TKDE; original submission 15 mar 2007; revised 20 jan 2008

Scientific paper

Ensuring compliance of organizations to federal regulations is a growing concern. This paper presents a framework and methods to verify whether an implemented low-level security policy is compliant to a high-level security policy. Our compliance checking framework is based on organizational and security metadata to support refinement of high-level concepts to implementation specific instances. Our work uses the results of refinement calculus to express valid refinement patterns and their properties. Intuitively, a low-level security policy is compliant to a high-level security policy if there is a valid refinement path from the high-level security policy to the low-level security policy. Our model is capable of detecting violations of security policies, failures to meet obligations, and capability and modal conflicts.

Affiliated with

Also associated with

No associations

Rating

Checking Security Policy Compliance does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Checking Security Policy Compliance, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Checking Security Policy Compliance will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-253388