Methods and limitations of security policy reconciliation

被引：29

作者：

Mcdaniel, Patrick ^{[1
,3
]}

Prakash, Atul ^{[2
,4
]}

机构：

[1] Computer Science and Engineering, Pennsylvania State University

[2] Electrical Engineering and Computer Science, University of Michigan

[3] Computer Science and Engineering, Pennsylvania State University, University Park

[4] Electrical Engineering and Computer Science, University of Michigan, Ann Arbor

来源：

ACM Transactions on Information and System Security | 2006年 / 9卷 / 03期

关键词：

Security policy;

D O I：

10.1145/1178618.1178620

中图分类号：

学科分类号：

摘要：

A security policy specifies session participant requirements. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation and show that, in the worst-case, reconciliation of three or more policies is intractable. Further, we suggest efficient heuristics for the detection and resolution of intractable reconciliation. Based upon the policy model, we describe the design and implementation of the Ismene policy language. The expressiveness of Ismene, and indirectly of our model, is demonstrated through the representation and exposition of policies supported by existing policy languages. We conclude with brief notes on the integration and enforcement of Ismene policy within the Antigone communication system. © 2006 ACM.

引用

页码：259 / 291

页数：32

共 48 条

[1]

Balenson D., Branstad D., Dinsmore P., Heyman M., Scace C., Cryptographic Context Negotiation Template, (1999)

[2]

Bartal Y., Mayer A.J., Nissim K., Wool A., Firmato: A novel firewall management toolkit, IEEE Symposium on Security and Privacy, pp. 17-31, (1999)

[3]

Bellovin S., Distributed firewalls, Login, pp. 39-47, (1999)

[4]

Bhatti N.T., Hiltunen M.A., Schlichting R.D., Chiu W., Coyote: A system for constructing fine-grain configurable communication services, ACM Transactions on Computer Systems, 16, 4 NOV, pp. 321-366, (1998)

[5]

Blaze M., Feigenbaum J., Lacy J., Decentralized trust management, Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 164-173, (1996)

[6]

Blaze M., Feigenbaum J., Ioannidis J., Keromytis A., The role of trust management in distributed systems security, Secure Internet Programming: Issues in Distributed and Mobile Object Systems Lecture Notes in Computer Science, 1603, pp. 184-210, (1999)

[7]

Blaze M., Feignbaum J., Ioannidis J., Keromytis A., The keyNote trust management system-Version 2, Internet Engineering Task Force, (1999)

[8]

Blight D.C., Hamada T., Policy-based networking architecture for QoS interworking in IP management, Proceedings of Integrated Network Management VI, Distributed Management for the Networked Millennium, pp. 811-826, (1999)

[9]

Branstad D., Balenson D., Policy-based cryptographic key management: Experience with the KRP project, Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX'00), pp. 103-114, (2000)

[10]

Cholvy L., Cuppens F., Analyzing consistancy of security policies, 1997 IEEE Symposium on Security and Privacy, pp. 103-112, (1997)

← 1 2 3 4 5 →