• DocumentCode
    2326176
  • Title

    Merging security policies: analysis of a practical example

  • Author

    Cuppens, Frédéric ; Cholvy, Laurence ; Saurel, Claire ; Carrere, Jerome

  • Author_Institution
    ONERA-CERT, Toulouse, France
  • fYear
    1998
  • fDate
    9-11 Jun 1998
  • Firstpage
    123
  • Lastpage
    136
  • Abstract
    It often happens that organizations or companies have to respect several security policies simultaneously. The authors analyze a practical example which applies to the context of documents containing sensitive information. This example considers the problem of downgrading the classification of these documents when their contents become obsolete. There are several security policies that deal with this problem and it appears that these security policies are conflicting. They suggest a general approach to detect and solve the conflicts between the security policies and show how it applies to the practical example
  • Keywords
    security of data; classification downgrading; conflicts; obsolete information; security policy merging; sensitive information containing document; Ethics; Information security; Interference; Merging; Multilevel systems; Permission;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Workshop, 1998. Proceedings. 11th IEEE
  • Conference_Location
    Rockport, MA
  • ISSN
    1063-6900
  • Print_ISBN
    0-8186-8488-7
  • Type

    conf

  • DOI
    10.1109/CSFW.1998.683163
  • Filename
    683163