Policy enforcement point model

As information systems become more complex and dynamic, Policy Decision Points (PDPs) and Policy Enforcement Points (PEPs) follow the same trend. It becomes thus increasingly important to model the capabilities of these PDPs and PEPs, both in terms of coverage, dependencies and scope. In this paper, we focus on Policy Enforcement Points to model the objects on which they may enforce security constraints. This model, called the PEP Responsibility Domain (RD(PEP)), is build based on the configuration of the PEP following a bottom-up approach. This model can then be applied to multiple use cases, three of them are shown as examples in this paper, including policy evaluation and intrusion detection assessment and alert correlation

Mots clés

Policy Enforcement Point Approximation Accuracy Alert correlation Security policy

Domaines

Cryptographie et sécurité [cs.CR]

Médiathèque Télécom SudParis & Institut Mines-Télécom Business School : Connectez-vous pour contacter le contributeur

https://hal.science/hal-01263380

Soumis le : mercredi 27 janvier 2016-16:51:16

Dernière modification le : mercredi 20 mars 2024-17:23:28

Dates et versions

hal-01263380 , version 1 (27-01-2016)

Identifiants

HAL Id : hal-01263380 , version 1
DOI : 10.1007/978-3-319-23829-6_20

Citer

Yosra Ben Mustapha, Hervé Debar, Gregory Blanc. Policy enforcement point model. SECURECOMM 2014: 10th International Conference on Security and Privacy in Communication Networks, Sep 2014, Beijing, China. pp.278 - 286, ⟨10.1007/978-3-319-23829-6_20⟩. ⟨hal-01263380⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

INSTITUT-TELECOM CNRS TELECOM-SUDPARIS

51 Consultations

0 Téléchargements