Developing dynamic security policies

Proceedings - DARPA Active Networks Conference and Exposition, DANCE 2002

Volumn , Issue , 2002, Pages 204-215

  Naldurg, P ^a   Campbell, R H ^a   Mickunas, M D ^a  

^a University of Illinois at Urbana Champaign   (United States)

Author keywords

Access control; Application software; Computer science; Contracts; Control systems; Information security; Power system management; Power system security; Safety; Software maintenance

Indexed keywords

ACCESS CONTROL; ACCIDENT PREVENTION; ACTIVE NETWORKS; APPLICATION PROGRAMS; COMPUTER CONTROL SYSTEMS; COMPUTER SCIENCE; COMPUTER SOFTWARE MAINTENANCE; CONTRACTS; CONTROL SYSTEMS; INFORMATION MANAGEMENT; NETWORK ARCHITECTURE; SECURITY OF DATA; SECURITY SYSTEMS; SPECIFICATIONS;

CONCURRENT BEHAVIOR; DYNAMIC ACCESS CONTROL; INTERACTIVE BEHAVIOR; OPERATIONAL PARAMETERS; POLICY IMPLEMENTATIONS; POLICY SPECIFICATION; POWER SYSTEM MANAGEMENT; POWER SYSTEM SECURITY;

NETWORK SECURITY;

EID: 35248854997     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DANCE.2002.1003494     Document Type: Conference Paper

References (35)

1. L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, and S. A. Haghighat. A domain and type enforcement UNIX prototype. In Proceedings of the 5th Usenix UNIX Security Symposium, Salt Lake City, Utah, June 1995.
2. D. Basin, M. Clavel, and J. Meseguer. "rewriting logic as a metalogical framework". In S. Kapoor and S. Prasad, editors, Twentieth Conference on the Foundations of Software Technology and Theoretical Computer Science, New Delhi, India, December 13-15, 2000, Proceedings, volume 1974, pages 55-80, 2000.
3. D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations and model. Technical Report M74-244, Bedford MA, 1973.
4. M. Blaze, J. Feigenbaum, and A. D. Keromytis. KeyNote: Trust management for public-key infrastructures. In Security Protocols International Workshop, Cambridge, England, 1998.
5. J. Boyle et al. The COPS protocol. Internet Draft, February 24, 1999.
6. K. Calvert et al. Architectural framework for active networks. AN Architecture Working Group, Draft, 1998.
7. R. H. Campbell, Z. Liu, M. D. Mickunas, P. Naldurg, and S. Yi. Seraphim: dynamic interoperable security architecture for active networks. In OPENARCH 2000, Tel-Aviv, Israel, March 26-27, 2000.
8. A. Chander, D. Dean, and J. Mitchell. A state-transition model of trust management and access control. In 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, June 2001.
9. E. Clarke, O.Grumberg, and D. Peled. Model Checking. The MIT Press, 1999.
10. M. Clavel, F. Durán, S. Eker, P. Lincoln, N. Mart-Oliet, J. Meseguer, and J. F. Quesada. Maude: Specification and programming in rewriting logic. Theoretical Computer Science, 2001. To appear.
11. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. Ponder: A language for specifying secuirty and management policies for distributed systems. Imperial College Research Report, July 2000.
12. E. Dijkstra. Guarded commands, nondeterminacy, and formal derivation of programs. Communications of the ACM, 18(8):453-457, 1975.
13. C. Ellison, B. Frantz, B. Lampson, R. Rivest, et al. SPKI certificate theory. RFC 2693, September 1999.
14. M. Hicks, P. Kakkar, J. T. Moore, C. A. Gunter, and S. Nettles. PLAN: A Packet Language for Active Networks. In Proceedings of the Third ACM SIGPLAN International Conference on Functional Programming Languages, pages 86-93. ACM, 1998.
15. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino. A unified framework for enforcing multiple access control policies. In In Proceedings of the ACM SIGMOD International Conference on Management of Data, volume 26,2 of SIGMOD Record, pages 474-485, 1997.
16. L. Lamport. A simple approach to specifying concurrent systems. In System Research Center, DEC, Palo Alto, CA, Report No.,15, 1986.
17. L. Lamport. Specifying concurrent systems with TLA+. In Calculational System Design. M. Broy and R. Steinbrggen, editors, 1999.
18. L. Lamport. A formal basis for the specification of concurrent systems. Notes for the NATO Advanced Study Institute, June 2000.
19. Z. Liu. Securing the Node of an Active Network. PhD thesis, University of Illinois, Department of Computer Science, Dec. 2001.
20. Z. Liu, R. H. Campbell, and M. D. Mickunas. Securing the node of an active network. In Active Middleware Services. Kluwer Academic Publishers, Boston, Massachusetts, September, 2000.
21. Z. Liu, R. H. Campbell, S. K. Varadarajan, P. Naldurg, S. Yi, and M. D. Mickunas. Flexible secure multicasting in active networks. In ICDCS International Workshop on Group Computation and Communication, Taipei, Taiwan, April, 2000.
22. Z. Liu, P. Naldurg, S. Yi, R. H. Campbell, and M. D. Mickunas. Pluggable active security for active networks. In International Conference on Parallel and Distributed Computing and Systems (PDCS 2000), Las Vegas, Nevada, November 6-9, 2000.
23. Z. Liu, P. Naldurg, S. Yi, T. Qian, R. H. Campbell, and M. D. Mickunas. An agent based architecture for supporting application level security. In DARPA Information Survivability Conference and Exposition, Hilton Head Island, SC, January 25-27, 2000.
24. P. Loscocco and S. Smalley. Integrating flexible support for security policies into the linux operating system. In Proceedings of the FREENIX Track of the 2001 USENIX Annual Technical Conference.
25. J. K. Millen. A resource allocation model for denial of service. In Proceedings of the IEEE Symposium on Security and Privacy, pages 137-147, 1992.
26. R. Mundy, D. Partain, and B. Stewart. Introduction to SNMPv3. RFC 2570, April 1999.
27. S. Murphy et al. Security architecture for active nets. AN Security Working Group, July 15, 1998.
28. S. Murphy, E. Lewis, R. Puga, R. Watson, and R. Yee. Strong security for active networks. In 2001 IEEE Open Architectures and Network Programming Proceedings (OpenArch 2001), Anchorage, AL, Apr 27-28, 2001. pp 63-70.
29. P. Naldurg and R. Campbell. Dynamic access control policies in seraphim. Technical report, Department of Computer Science, University of Illinois at Urbana-Champaign, 2002.
30. F. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 3(1):30-50, 2000.
31. SecPol. SecPol project homepage, 2000. URL: http://wwwdse. doc.ic.ac.uk/projects/secpol/SecPol-overview.html.
32. A. P. Sistla. Safety,liveness and fairness in temporal logic. Formal Aspects of Computing 6(5): 495-512 (1994), updated 1999.
33. M. Stevens et al. Policy framework. IETF draft, September 1999.
34. S. Weeks. Understanding trust management systems. In 2001 IEEE Symposium on Security and Privacy, May 2001.
35. C.-F. Yu and V. D. Gligor. A formal specification and verification method for the prevention of denial of service. In Proc. 1988 IEEE Symposium on Security and Privacy (Oakland '88), Oakland, CA, USA, Apr. 1988, pp.187-202.