Title :
Analysis of integrity policies using soft constraints
Author :
Bistarelli, Stefano ; Foley, Simon N.
Author_Institution :
Dipt. di Sci., Univ. di Pescara, Italy
Abstract :
An integrity policy defines the situations when modification of information is authorized and is enforced by the security mechanisms of the system. However, in a complex application system it is possible that an integrity policy may have been incorrectly specified and, as a result, a user may be authorized to modify information that can lead to an unexpected system compromise. We outline a scalable and quantitative technique that uses constraint solving to model and analyze the effectiveness of application system integrity policies.
Keywords :
authorisation; computer crime; constraint theory; data integrity; constraint solving; information modification; integrity policy analysis; soft constraint; system security mechanism; Application software; Computer crime; Computer science; Computer security; Counting circuits; Formal specifications; Hardware; Information security; Protection; Software systems;
Conference_Titel :
Policies for Distributed Systems and Networks, 2003. Proceedings. POLICY 2003. IEEE 4th International Workshop on
Print_ISBN :
0-7695-1933-4
DOI :
10.1109/POLICY.2003.1206959
