This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Usable Global Network Access Policy for Process Control Systems
November/December 2008 (vol. 6 no. 6)
pp. 30-36
ASCII Text
x 
 
David M. Nicol, William H. Sanders, Sankalp Singh, Mouna Seri, "Usable Global Network Access Policy for Process Control Systems," IEEE Security & Privacy, vol. 6, no. 6, pp. 30-36, November/December, 2008.
 
 
BibTex
x
 
@article{ 10.1109/MSP.2008.159,
author = {David M. Nicol and William H. Sanders and Sankalp Singh and Mouna Seri},
title = {Usable Global Network Access Policy for Process Control Systems},
journal ={IEEE Security & Privacy},
volume = {6},
number = {6},
issn = {1540-7993},
year = {2008},
pages = {30-36},
doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2008.159},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}
 
 
RefWorks Procite/RefMan/Endnote
x 
 
TY - MGZN
JO - IEEE Security & Privacy
TI - Usable Global Network Access Policy for Process Control Systems
IS - 6
SN - 1540-7993
SP30
EP36
EPD - 30-36
A1 - David M. Nicol,
A1 - William H. Sanders,
A1 - Sankalp Singh,
A1 - Mouna Seri,
PY - 2008
KW - firewalls
KW - security policy
KW - verification
KW - process control security
KW - Access Policy Tool
KW - APT
VL - 6
JA - IEEE Security & Privacy
ER -
 
David M. Nicol, University of Illinois at Urbana-Champaign
William H. Sanders, University of Illinois at Urbana-Champaign
Sankalp Singh, University of Illinois at Urbana-Champaign
Mouna Seri, University of Illinois at Urbana-Champaign
The Access Policy Tool (APT) verifies access policy implementation (expressed as rules) against specification of global policy—for example, policy that encodes best practice recommendations. PCS operators can use the APT to analyze their network configurations for compliance to best practice recommendations.

1. K. Stouffer, J. Falco, and K. Scarfone, Guide to Industrial Control Systems (ICS) Security, tech. report SP-800-82 (2nd public draft), US Nat'l Inst. Standards and Technology, 2007.
2. D. Nicol et al., "APT: Access Policy Tool for Verification of Distributed and Layered Security Policy Implementation," 2008; www.perform.csl.uiuc.eduapt.
3. P. Veríssimo, N. Ferreira Neves, and M. Correia, "Crutial: The Blueprint of a Reference Critical Information Infrastructure Architecture," Proc. 1st Int'l Workshop on Critical Information Infrastructures, LNCS 4347, Springer, 2006.
4. F.J. García Celmente et al., "Towards Semantic Web-based Management of Security Services," Annals Telecomm., vol. 63, nos. 3–4, 2008, pp. 183–193.
5. A. Pras et al., "Key Research Challenges in Network Management," IEEE Comm., vol. 45, no. 10, 2007, pp. 104–110.
6. S. Barker and P.J. Stuckey, "Flexible Access Control Policy Specification with Constraint Logic Programming," ACM Trans. Information Systems Security, vol. 6, no. 4, 2003, pp. 501–546.
7. G. Zanin and L. Mancini, "Towards a Formal Model for Security Policies Specification and Validation in the SeLinux System," Proc. 9th ACM Symp. Access Control Models and Technologies (SACMAT 04), ACM Press, 2004, pp. 136–145.
8. P. Griffin, "Introduction to XACML," 2004; www.oracle.com/technology/pub/articles/dev2arch/ 2004/02xacml.html.
9. N. Dulay et al., "A Policy Language for the Management of Distributed Agents," Proc. Agent-Oriented Software Eng. (AOSE), LNCS 2222, Springer, 2001, pp. 84–100.
10. D. Kulpers and M. Fabro, Control Systems Cyber Security: Defense in Depth Strategies, tech. report INL/EXT-06-11478, Idaho Nat'l Laboratory, 2006.

Index Terms:
firewalls, security policy, verification, process control security, Access Policy Tool, APT
Citation:
David M. Nicol, William H. Sanders, Sankalp Singh, Mouna Seri, "Usable Global Network Access Policy for Process Control Systems," IEEE Security & Privacy, vol. 6, no. 6, pp. 30-36, Nov.-Dec. 2008, doi:10.1109/MSP.2008.159
Usage of this product signifies your acceptance of the Terms of Use.