Title :
Security level evaluation: policy and fuzzy techniques
Author :
Casola, Valentina ; Rak, Massimiliano ; Preziosi, Rosa ; Troiano, Luigi
Author_Institution :
Dipt. di Ingegneria dell´´Informazione, Second Univ. of Naples, Italy
Abstract :
In a world made of interconnected systems that manage huge amount of confidential and shared data, security plays a significant role. Policies are the means by which security rules are defined and enforced. The ability of evaluating policies is becoming more and more relevant, especially when referred to cooperation of services belonging to untrusted domains. Here we have focused our attention on public key infrastructures (PKIs); at the state of the art security policies evaluation is expressed by means of security levels. However, policy evaluation must face uncertainty deriving from different perspectives, verbal judgments and lack of information. Fuzzy techniques and uncertainty reasoning can provide a meaningful way of dealing with these issues. We illustrate a fuzzy technique to evaluate the security level for a given policy against a set of reference policy levels.
Keywords :
authorisation; fuzzy logic; legislation; message authentication; uncertainty handling; confidential data management; fuzzy technique; public key infrastructure; security policy evaluation; uncertainty reasoning; Data engineering; Data security; Digital signatures; Information security; Interconnected systems; Law; Legal factors; Public key; Standards organizations; Uncertainty;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286747
