Security rules versus Security properties

Mathieu Jaume 1, *
* Corresponding author
1 SPI - Sémantiques, preuves et implantation
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : There exist many approaches to specify and to define security policies. We present here a framework in which the basic components of security policies can be expressed, and we identify their role in the description of a policy, of a system and of a secure system. In this setting, we formally describe two approaches to define policies, and we relate them: the rule-based approach consists of specifying the conditions under which an action is granted and, the property-based approach consists of specifying the security properties the policy aims to enforce. We also show how a policy can be applied to constrain an existing system, and how a secure system can be defined from a security policy.
Document type :
Conference papers
Complete list of metadatas

Cited literature [18 references]  Display  Hide  Download

https://hal.sorbonne-universite.fr/hal-00593937
Contributor : Mathieu Jaume <>
Submitted on : Wednesday, May 18, 2011 - 10:49:53 AM
Last modification on : Thursday, March 21, 2019 - 1:00:19 PM
Long-term archiving on : Friday, November 9, 2012 - 11:35:57 AM

File

jaume.pdf
Files produced by the author(s)

Identifiers

Citation

Mathieu Jaume. Security rules versus Security properties. Sixth International Conference on Information Systems Security (ICISS 2010), Dec 2010, Gandhinagar, India. pp.231-245, ⟨10.1007/978-3-642-17714-9_17⟩. ⟨hal-00593937⟩

Share

Metrics

Record views

233

Files downloads

167