The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - March-April (2012 vol.14)
pp: 4-7
David Ferraiolo , US National Institute of Standards and Technology
Jeffrey Voas , US National Institute of Standards and Technology
George F. Hurlburt , Change Index
ABSTRACT
<p>To many, system policy is a statement posted on a website indicating intention to protect personal data. In reality, policy is much broader, and its enforcement far more consequential. What if policy-derived rule sets could be rigorously defined and automated for software-intensive systems? Imagine a "policy machine" that allows codification of arbitrary rules stemming from policy to create executable code. Such a tool exists today at the US National Institute of Standards and Technology. The NIST Policy Machine offers a new technology in enforcing the important role of policy in systems design, evolution, management, and policy enforcement.</p>
INDEX TERMS
System policy, policy enforcement
CITATION
David Ferraiolo, Jeffrey Voas, George F. Hurlburt, "A Matter of Policy", IT Professional, vol.14, no. 2, pp. 4-7, March-April 2012, doi:10.1109/MITP.2012.30
REFERENCES
1. J. Martin et al., "Systems Engineering Guide," Naval Air Systems Command, May 2003.
2. A. Valjarevic and H.S. Venter, "Towards a Digital Forensic Readiness Framework for Public Key Infrastructure Systems," Proc. Information Security South Africa (ISSA 11), IEEE Press, 2011, pp. 1–10.
3. C. Matlack, "Société Générale's Fraud: What Now?" Bloomberg Business Week,24 Jan. 2008; www. businessweek.com/globalbiz/content/ jan2008gb20080124_769729.htm.
4. D. Ferraiolo, V. Atluri, and S. Gavrila, "The Policy Machine: A Novel Architecture and Framework for Access Control Policy Specification and Enforcement," J. Systems Architecture, vol. 57, no. 4, 2011, pp. 412–424.
133 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool