DocumentCode
3211022
Title
Analyzing consistency of security policies
Author
Cholvy, Laurence ; Cuppens, Frédéric
Author_Institution
ONERA-CERT, Toulouse, France
fYear
1997
fDate
4-7 May 1997
Firstpage
103
Lastpage
112
Abstract
We discuss the development of a methodology for reasoning about properties of security policies. We view a security policy as a special case of regulation which specifies what actions some agents are permitted, obliged or forbidden to perform and we formalize a policy by a set of deontic formulae. We first address the problem of checking policy consistency and describe a method for solving it. The second point we are interested in is how to query a policy to know the actual norms which apply to a given situation. In order to provide the user with consistent answers, the normative conflicts which may appear in the policy must be solved. For doing so, we suggest using the notion of roles and define priorities between roles
Keywords
formal languages; formal logic; security of data; deontic formulae; formal language; formal logic; methodology; normative conflicts; problem solving; regulation; role priorities; roles; security policy consistency analysis; Access control; Logic; Permission; Security;
fLanguage
English
Publisher
ieee
Conference_Titel
Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on
Conference_Location
Oakland, CA
ISSN
1081-6011
Print_ISBN
0-8186-7828-3
Type
conf
DOI
10.1109/SECPRI.1997.601324
Filename
601324
Link To Document