Security Engineering of Lattice-Based Policies

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ciaran Bryce

10th Computer Security Foundations Workshop (CSFW '97)

Rockport, Massachusetts

June 10-June 12

ISBN: 0-8186-7990-5

	ASCII Text	x
	Ciaran Bryce, "Security Engineering of Lattice-Based Policies," Computer Security Foundations Workshop, IEEE, pp. 195, 10th Computer Security Foundations Workshop (CSFW '97), 1997.

	BibTex	x
	@article{ 10.1109/CSFW.1997.596813, author = {Ciaran Bryce}, title = {Security Engineering of Lattice-Based Policies}, journal ={Computer Security Foundations Workshop, IEEE}, volume = {0}, year = {1997}, issn = {1063-6900}, pages = {195}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSFW.1997.596813}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Workshop, IEEE TI - Security Engineering of Lattice-Based Policies SN - 1063-6900 SP EP A1 - Ciaran Bryce, PY - 1997 KW - Security engineering KW - lattice policy modeling KW - information flow security. VL - 0 JA - Computer Security Foundations Workshop, IEEE ER -

Ciaran Bryce, GMD - German National Research Center for Information Technology

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSFW.1997.596813

This paper describes an algebraic approach to the security engineering of lattice policies. The approach extends earlier lattice and algebraic work, and has two main goals. First, it seeks to model access control policies with anti-symmetry, reflexivity and transitivity exceptions using a lattice, and to propose an information flow security definition for the resulting set (POL) of policies. Second, it supports a constructive approach to policy specification through an algebraic structure (POL, AND, OR, NOT, =, <). This structure is homomorphic to Boolean algebra. The approach's goals and design decisions are influenced by the context in which it is being used: a library of reusable security components with tools to facilitate their reuse for securing application systems.

Index Terms:

Security engineering, lattice policy modeling, information flow security.

Citation:

Ciaran Bryce, "Security Engineering of Lattice-Based Policies," csfw, pp.195, 10th Computer Security Foundations Workshop (CSFW '97), 1997

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.