DocumentCode :
2326176
Title :
Merging security policies: analysis of a practical example
Author :
Cuppens, Frédéric ; Cholvy, Laurence ; Saurel, Claire ; Carrere, Jerome
Author_Institution :
ONERA-CERT, Toulouse, France
fYear :
1998
fDate :
9-11 Jun 1998
Firstpage :
123
Lastpage :
136
Abstract :
It often happens that organizations or companies have to respect several security policies simultaneously. The authors analyze a practical example which applies to the context of documents containing sensitive information. This example considers the problem of downgrading the classification of these documents when their contents become obsolete. There are several security policies that deal with this problem and it appears that these security policies are conflicting. They suggest a general approach to detect and solve the conflicts between the security policies and show how it applies to the practical example
Keywords :
security of data; classification downgrading; conflicts; obsolete information; security policy merging; sensitive information containing document; Ethics; Information security; Interference; Merging; Multilevel systems; Permission;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Foundations Workshop, 1998. Proceedings. 11th IEEE
Conference_Location :
Rockport, MA
ISSN :
1063-6900
Print_ISBN :
0-8186-8488-7
Type :
conf
DOI :
10.1109/CSFW.1998.683163
Filename :
683163
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2326176
بازگشت