Semantic comparison of security policies: from access control policies to flow properties

Mathieu Jaume 1
1 SPI - Sémantiques, preuves et implantation
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : This paper introduces two generic mechanisms allowing to compare security policies from a semantical point of view. First, a notion of embedding is defined in order to compare policies over a common domain. Then, interpretations of security policies are introduced in order to consider their properties over arbitrary domains. Thus, combining interpretations and embeddings allows to compare policies expressed over different domains. Along the lines of this paper, we illustrate our definitions by defining a flow-based interpretation of access control and by comparing classical access control policies according to a hierarchy of abstract flow policies, thus characterizing flow properties which can be ensured by access control policies.
Document type :
Conference papers
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-01272440
Contributor : Lip6 Publications <>
Submitted on : Wednesday, February 10, 2016 - 5:54:14 PM
Last modification on : Thursday, March 21, 2019 - 1:07:18 PM

Identifiers

Citation

Mathieu Jaume. Semantic comparison of security policies: from access control policies to flow properties. Workshop on Semantic Computing and Security, WSCS'2012, IEEE CS Security and Privacy Workshops, May 2012, San Francisco, United States. pp.60-67, ⟨10.1109/SPW.2012.33⟩. ⟨hal-01272440⟩

Share

Metrics

Record views

43