Abstract

This paper contributes to the current discussion on multipolicy systems: systems that support a multitude of independent security domains in which an individual security policy is enforced on the applications. In multipolicy systems, the interoperability between different security domains constitutes a major problem. While security policies are capable of controlling the applications within their domains, interactions between security domains create security loop-holes and cause conflicts between the involved security policies. This paper introduces policy groups as an approach to secure domain interactions. A policy group combines a set of security policies with a set of policies that control inter-domain actions. It composes a multipolicy system's security policies into a single structure and provides a single point of reference for the discussion of a system's security properties. In order to provide a precise foundation for this discussion, the paper introduces a formal model of policy groups based on Harrison, Ruzzo and Ullman's access control calculus. The paper concludes with statements about the decidability of the safety problem for policy groups.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.