Title :
Using RuleML to specify cross-domain information flow control policies
Author :
Arvay, Randall J. ; Wijesekera, Duminda ; Michael, James Bret
Author_Institution :
Dept. of Comput. Sci., Naval Postgrad. Sch., Monterey, CA, USA
Abstract :
We use RuleML to write declassification policies that secure information exchanges between different security levels of disparate access control models. Such flows enable sharing task-critical information that would otherwise not be shared without human intervention. Using RuleML as a security policy specification language allows us to preserve the safety property of information flow across multiple security levels. We also provide a motivating example of our approach to dealing with this property, taken from the Maritime Domain Awareness domain.
Keywords :
authorisation; specification languages; RuleML; access control model; cross-domain information flow control policy; declassification policy; information exchange security; maritime domain awareness; security policy specification language; task-critical information; Access control; Computer science; Computer security; Humans; Information security; Multilevel systems; Observability; Service oriented architecture; Software safety; Specification languages; Cross-Domain; RuleML; security policy;
Conference_Titel :
System of Systems Engineering, 2009. SoSE 2009. IEEE International Conference on
Conference_Location :
Albuquerque, NM
Print_ISBN :
978-1-4244-4766-4
Electronic_ISBN :
978-1-4244-4767-1
