Abstract
Security policies are one of the most fundamental elements of computer security. Current security policy design is concerned with the composition of components in security systems and interactions among them. Consequently, in a modular specification and verification of a policy, the composition of the modules must consistently assure security policies. A rigorous and systematic way to predict and assure such critical properties is crucial. This paper addresses the problem in a formal way. It uses colored Petri net process (CPNP) to specify and verify security policies in a modular way. It defines fundamental policy properties, i.e., completeness, termination, consistency, and confluence in Petri net terminology and gets some theoretical results. According to the eXtensible Access Control Markup Language (XACML) combiners and property preserving Petri net process algebra (PPPA), several policy composition operators are specified and property preserving results are stated for the policy correctness verification. As an application, the approach is illustrated for the design of Chinese Wall Policy.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Dependable and Secure Computing
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
