Sciweavers

CCS
2007
ACM

Direct static enforcement of high-level security policies

14 years 6 months ago
Direct static enforcement of high-level security policies
A high-level security policy states an overall safety requirement for a sensitive task. One example of a high-level security policy is a separation of duty policy, which requires a sensitive task to be performed by a team of at least k users. Recently, Li and Wang [6] proposed an algebra for specifying a wide range of high-level security policies with both qualification and quantity requirements on users who perform a task. In this paper, we study the problem of direct static enforcement of high-level security policies expressed in this algebra. We formally define the notion of a static safety policy, which requires that every set of users together having all permissions needed to complete a sensitive task must contain a subset that satisfies the corresponding security requirement expressed as a term in the algebra. The static safety checking problem asks whether an access control state satisfies a given high-level policy. We study several computational problems related to the sta...
Qihua Wang, Ninghui Li
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Qihua Wang, Ninghui Li
Comments (0)