DocumentCode
2326176
Title
Merging security policies: analysis of a practical example
Author
Cuppens, Frédéric ; Cholvy, Laurence ; Saurel, Claire ; Carrere, Jerome
Author_Institution
ONERA-CERT, Toulouse, France
fYear
1998
fDate
9-11 Jun 1998
Firstpage
123
Lastpage
136
Abstract
It often happens that organizations or companies have to respect several security policies simultaneously. The authors analyze a practical example which applies to the context of documents containing sensitive information. This example considers the problem of downgrading the classification of these documents when their contents become obsolete. There are several security policies that deal with this problem and it appears that these security policies are conflicting. They suggest a general approach to detect and solve the conflicts between the security policies and show how it applies to the practical example
Keywords
security of data; classification downgrading; conflicts; obsolete information; security policy merging; sensitive information containing document; Ethics; Information security; Interference; Merging; Multilevel systems; Permission;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Foundations Workshop, 1998. Proceedings. 11th IEEE
Conference_Location
Rockport, MA
ISSN
1063-6900
Print_ISBN
0-8186-8488-7
Type
conf
DOI
10.1109/CSFW.1998.683163
Filename
683163
Link To Document