Abstract
This paper contributes to the current discussion on multipolicy systems: systems that support a multitude of independent security domains in which an individual security policy is enforced on the applications. In multipolicy systems, the interoperability between different security domains constitutes a major problem. While security policies are capable of controlling the applications within their domains, interactions between security domains create security loop-holes and cause conflicts between the involved security policies. This paper introduces policy groups as an approach to secure domain interactions. A policy group combines a set of security policies with a set of policies that control inter-domain actions. It composes a multipolicy system's security policies into a single structure and provides a single point of reference for the discussion of a system's security properties. In order to provide a precise foundation for this discussion, the paper introduces a formal model of policy groups based on Harrison, Ruzzo and Ullman's access control calculus. The paper concludes with statements about the decidability of the safety problem for policy groups.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
