The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2008 vol.6)
pp: 30-36
David M. Nicol , University of Illinois at Urbana-Champaign
William H. Sanders , University of Illinois at Urbana-Champaign
Sankalp Singh , University of Illinois at Urbana-Champaign
Mouna Seri , University of Illinois at Urbana-Champaign
ABSTRACT
The Access Policy Tool (APT) verifies access policy implementation (expressed as rules) against specification of global policy—for example, policy that encodes best practice recommendations. PCS operators can use the APT to analyze their network configurations for compliance to best practice recommendations.
INDEX TERMS
firewalls, security policy, verification, process control security, Access Policy Tool, APT
CITATION
David M. Nicol, William H. Sanders, Sankalp Singh, Mouna Seri, "Usable Global Network Access Policy for Process Control Systems", IEEE Security & Privacy, vol.6, no. 6, pp. 30-36, November/December 2008, doi:10.1109/MSP.2008.159
REFERENCES
1. K. Stouffer, J. Falco, and K. Scarfone, Guide to Industrial Control Systems (ICS) Security, tech. report SP-800-82 (2nd public draft), US Nat'l Inst. Standards and Technology, 2007.
2. D. Nicol et al., "APT: Access Policy Tool for Verification of Distributed and Layered Security Policy Implementation," 2008; www.perform.csl.uiuc.eduapt.
3. P. Veríssimo, N. Ferreira Neves, and M. Correia, "Crutial: The Blueprint of a Reference Critical Information Infrastructure Architecture," Proc. 1st Int'l Workshop on Critical Information Infrastructures, LNCS 4347, Springer, 2006.
4. F.J. García Celmente et al., "Towards Semantic Web-based Management of Security Services," Annals Telecomm., vol. 63, nos. 3–4, 2008, pp. 183–193.
5. A. Pras et al., "Key Research Challenges in Network Management," IEEE Comm., vol. 45, no. 10, 2007, pp. 104–110.
6. S. Barker and P.J. Stuckey, "Flexible Access Control Policy Specification with Constraint Logic Programming," ACM Trans. Information Systems Security, vol. 6, no. 4, 2003, pp. 501–546.
7. G. Zanin and L. Mancini, "Towards a Formal Model for Security Policies Specification and Validation in the SeLinux System," Proc. 9th ACM Symp. Access Control Models and Technologies (SACMAT 04), ACM Press, 2004, pp. 136–145.
8. P. Griffin, "Introduction to XACML," 2004; www.oracle.com/technology/pub/articles/dev2arch/ 2004/02xacml.html.
9. N. Dulay et al., "A Policy Language for the Management of Distributed Agents," Proc. Agent-Oriented Software Eng. (AOSE), LNCS 2222, Springer, 2001, pp. 84–100.
10. D. Kulpers and M. Fabro, Control Systems Cyber Security: Defense in Depth Strategies, tech. report INL/EXT-06-11478, Idaho Nat'l Laboratory, 2006.
19 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool