A compositional event & time-based policy model

Proceedings - Seventh IEEE International Workshop on Policies for Distributed Systems and Networks, Policy 2006

Volumn 2006, Issue , 2006, Pages 173-182

  Janicke, Helge ^a   Cau, Antonio ^a   Siewe, François ^a   Zedan, Hussein ^a   Jones, Kevin ^a  

^a DE MONTFORT UNIVERSITY   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

DECISION MAKING; MATHEMATICAL MODELS; PUBLIC POLICY; SEMANTICS; UNCERTAIN SYSTEMS;

DISTRIBUTED SYSTEMS; OBLIGATION POLICIES; TEMPORAL AXIS; TEMPORAL LOGIC;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 33845387201     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2006.2     Document Type: Conference Paper

References (24)

1. L. J. LaPadula and D. E. Bell, "Secure computer systems: Mathematical foundations," MITRE Technical Report 2547, Tech. Rep., 1973.
2. D. Brewer and M. Nash, "The Chinese Wall Policy," in IEEE Symposium an Research in Security and Privacy, May 1989, pp. 206-214.
3. R. Anderson, "Security in clinical information systems," BMA Report, British Medical Association, Tech. Rep., Jan 1996.
4. A. Cau, B. Moszkowski, and H. Zedan, "The ITL homepage," http://www.cse.dmu.ac.uk/STRL/ITL/, 2005.
5. B. Moszkowski, "Compositional reasoning using interval temporal logic and tempura," in Compositionality: The Significant Difference, ser. LNCS, W.-P. d. Roever, H. Langmaack, and A. Pnueli, Eds., vol. 1486. Berlin: Springer Verlag, 1998, pp. 439-464.
6. F. Siewe, "A compositional framework for the development of secure access control systems," Ph.D. dissertation, Software Technology Research Laboratory, Department of Computer Science and Engineering, De Montfort University, Leicester, 2005.
7. M. Sloman, "Policy driven management for distributed systems," Journal of Network and Systems Management, vol. 2, pp. 333-360, 1994. [Online]. Available: citeseer.ist.psu.edu/sloman94policy.html
8. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino, "A unified framework for enforcing multiple access control policies," ACM transaction on Database Systems, vol. 26, no. 2, pp. 214-260, June 2001.
9. P. Bonatti, S. Vimercati, and P. Samarati, "An algebra for composing access control policies," ACM Transaction on Information and System security, vol. 5, no. 1, pp. 1-35, February 2002.
10. M. Abadi and C. Fournet, "Access control based on execution history," in 10th Annual Network and Distributed System Symposium (NDSS'03)., 2003. [Online]. Available: citeseer.ist.psu.edu/abadi03access.html
11. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, "Role-Based Access Control Models," IEEE Computer, vol. 29, no. 2, pp. 38-47, 1996.
12. E. Bertino, P. A. Bonatti, and E. Ferrari, "Trbac: A temporal role-based access control model," ACM Trans. Inf. Syst. Secur., vol. 4, no. 3, pp. 191-233, 2001.
13. T. Mossakowski, M. Drouineaud, and K. Sohr, "A temporal-logic extension of role-based access control covering dynamic separation of duties," in time-ictl, 10th International Symposium on Temporal Representation and Reasoning and Fourth International Conference on Temporal Logic, vol. 1, 2003, p. 83.
14. N. Damianou, N. Dulay, E. Lupu, and M. Sloman, "The ponder specification language," in Workshop on Policies for Distributed Systems and Networks (Policy2001), January 2001.
15. J. Hoagland, "Specifying and implementing security policies using lasco, the language for security constraints on objects," Ph.D. dissertation, University of California, 2000.
16. B. Moszkowski, "Some very compositional temporal properties," in Programming Concepts, Methods and Calculi, ser. IFIP Transactions, E.-R. Olderog, Ed., vol. A-56, IFIP. Elsevier Science B.V. (North-Holland), 1994, pp. 307-326.
17. H. Zedan, A. Cau, and S. Zhou, "A calculus for evolution," in Proc. of The Fifth International Conference on Computer Science and Informatics (CS&I'2000), 2000.
18. D. Bell and L. Lapadula, "Secure computer system unified exposition and multics interpretation," MITRE, Bedford, MA, Tech. Rep. MTR-2997, 1975.
19. F. Siewe, A. Cau, and H. Zedan, "A Compositional Framework for Access Control Policies Enforcement," in ACM Workshop on Formal Methods in Security Engineering (FMSE'03), M. Backes, D. Basin, and M. Waidner, Eds. Washington, DC: ACM Press, October 2003, pp. 32-42.
20. U.S. Depaitment of Health & Human Services, "HHS - Office for Civil Rights - HIPAA," 2004. [Online]. Available: http://www.hhs.gov/ocr/ hipaa/
21. M. Backes, M. Durmuth, and R. Steinwandt, "An Algebra for Composing Enterprise Privacy Policies," in Proceedings of 9th European Symposium On Research in Computer Security (ESORICS), P. Samarati, D. Gollmann, and R. Molva, Eds., September 2004, pp. 33-52.
22. P. Beautement, D. Allsopp, M. Greaves, S. Goldsmith, S. Spires, S. Thompson, and H. Janicke, "Autonomous Agents and Multi-Agent Systems (AAMAS) for the Military - Issues and Challenges," in Proceedings of 1st Workshop on Defence Applications for Multi-Agent Systems (DAMAS), Robert Ghanea-Hercock and Mark Greaves and Nick Jennings and Simon Thompson, Ed., July 2005.
23. H. Janicke, F. Siewe, K. Jones, A. Cau, and H. Zedan, "Analysis and run-time verification of dynamic security policies," in In Proceedings of The First Workshop on Defence Applications for Multi-Agent Systems (DAMAS'05), at AAMAS'05, Utrecht, Netherlands., Robert Ghanea-Hercock and Mark Greaves and Nick Jennings and Simon Thompson, Ed., 2005.
24. B. Moszkowski, Executing Temporal Logic Programs. England: Cambridge University Press, 1986.