Multi-constraint Security Policies for Delegated Firewall Administration

Cassio Ditzel Kropiwiec 1 Edgard Jamhour Manoel Camillo De Oliveira Penna Neto Guy Pujolle 1
1 Phare
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : This work presents a new policy based security framework that is able handle simultaneously and coherently mandatory, discretionary and security property policies. One important aspect of the proposed framework is that each dimension of the security policies can be managed independently, allowing people playing different roles in an organization to define security policies without violating a global security goal. The framework creates an abstract layer that permits to define security policies independently of how they will be enforced. For example, the mandatory and security property polices could be assigned to the risk management staff while the discretionary policies could be delegated among the several departments in the organization.
Type de document :
Communication dans un congrès
19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2008, Sep 2008, Samos Island, Greece. Springer, 19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2008, 5273, pp.123-135, Lecture Notes in Computer Science. 〈10.1007/978-3-540-87353-2_10〉
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-01303616
Contributeur : Lip6 Publications <>
Soumis le : lundi 18 avril 2016 - 14:09:01
Dernière modification le : jeudi 22 novembre 2018 - 14:25:34

Lien texte intégral

Identifiants

Collections

Citation

Cassio Ditzel Kropiwiec, Edgard Jamhour, Manoel Camillo De Oliveira Penna Neto, Guy Pujolle. Multi-constraint Security Policies for Delegated Firewall Administration. 19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2008, Sep 2008, Samos Island, Greece. Springer, 19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2008, 5273, pp.123-135, Lecture Notes in Computer Science. 〈10.1007/978-3-540-87353-2_10〉. 〈hal-01303616〉

Partager

Métriques

Consultations de la notice

47