Implementation of a Formal Security Policy Refinement Process in WBEM Architecture

Policy-based management of information systems enables the specification of high-level policies which need to be refined into lower level configurations suitable to be directly applied to services and final devices in order to achieve the high-level behavior previous specified. This chapter presents a proposal for describing high-level security policies and for carrying out the policy refinement process for which low level policies and configurations are achieved. Firstly, an analysis of different research works related to the specification of security policy is provided. Then, a detailed description of the information model used for describing the information systems and the policies is described. After that, the language designed for specifying high level security policies is explained as well as the low level language based on the Common Information Model. Finally, some aspect about the policy refinement process done in the policy-based system in order to achieve low-level policies from the high-level security policies is outlined together with a description of the tools which can assist in the definition of the security policies and in the process refinement process.

Download Full-text

Security policy refinement and enforcement for the design of multi-level secure systems

Journal of Computer Security ◽

10.3233/jcs-2008-16202 ◽

2008 ◽

Vol 16 (2) ◽

pp. 107-131 ◽

Cited By ~ 14

Author(s):

Jie Zhou ◽

Jim Alves-Foss

Keyword(s):

Security Policy ◽

Secure Systems ◽

Multi Level ◽

Policy Refinement

Download Full-text

Expertise Knowledge-Based Policy Refinement Process

Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07) ◽

10.1109/policy.2007.23 ◽

2007 ◽

Cited By ~ 2

Author(s):

Taufiq Rochaeli ◽

Claudia Eckert

Keyword(s):

Knowledge Based ◽

Refinement Process ◽

Policy Refinement

Download Full-text

Security policy refinement using data integration

Proceedings of the 2nd ACM workshop on Assurable and usable security configuration - SafeConfig '09 ◽

10.1145/1655062.1655068 ◽

2009 ◽

Cited By ~ 3

Author(s):

Robert Craven ◽

Jorge Lobo ◽

Emil Lupu ◽

Alessandra Russo ◽

Morris Sloman

Keyword(s):

Data Integration ◽

Security Policy ◽

Policy Refinement ◽

Using Data

Download Full-text

Improving Security Policy Coverage in Healthcare

Certification and Security in Health-Related Web Applications ◽

10.4018/978-1-61692-895-7.ch004 ◽

2011 ◽

pp. 66-83

Author(s):

Rafae Bhatti ◽

Tyrone Grandison

Keyword(s):

Security Policy ◽

Web Applications ◽

Healthcare Delivery ◽

Security And Privacy ◽

Coverage Problem ◽

Healthcare Applications ◽

Delivery Of Care ◽

Privacy Concerns ◽

Health Related ◽

Policy Refinement

With the adoption of Electronic Medical Records (EMRs), an increasing number of health-related Web applications are now available to consumers, providers and partners. While this transformation offers huge benefits, there are security and privacy concerns integral to the process of electronic healthcare delivery. In this work, the authors first survey the body of evidence to emphasize the design of appropriate security solutions for electronic healthcare applications. The successful solutions will always comply with the prime directive of healthcare - “nothing should interfere with delivery of care” (Grandison and Davis, 2007). The authors then formally present the problem of reconciling security and privacy policies with the actual healthcare workflow, which we refer to as the policy coverage problem. They outline a technical solution to the problem based on the concept of policy refinement, and develop a privacy protection architecture called PRIMA. They also offer guidelines for electronic healthcare applications to ensure adequate policy coverage. The ultimate goal is that electronic healthcare applications should be made secure without compromising usability.

Download Full-text

A Semantic Model to Assist Policy Refinement Mechanisms for NFV-MANO Systems

10.5753/wpietf.2021.15780 ◽

2021 ◽

Author(s):

Michel Bonfim ◽

Fred Freitas ◽

Stenio Fernandes

Keyword(s):

Policy Analysis ◽

Complex Task ◽

Semantic Model ◽

Preliminary Results ◽

Refinement Process ◽

Policy Refinement

Management in NFV scenarios is a complex task. In this scenario, automated policy refinement can be used to enforce NFV-MANO functions to deal with the increased complexity. However, existing solutions do not perform policy analysis. Therefore, in this work, we propose a semantic model in OWL 2, named Onto-Planner, to assist the policy refinement process for NFV-MANO systems. Preliminary results show that Onto-Planner provides policy analysis when a DL reasoner is applied.

Download Full-text