We present a method for specifying high level security policies that can be en-forced by runtime monitoring mechanisms. The method has three main steps: (1) the user of our method formalizes a set of policy rules using UML sequence diagrams; (2) the user selects a set of transformation rules from a transforma-tion library, and applies these using a tool to obtain a low level intermediate policy (also expressed in UML sequence diagrams); (3) the tool transforms the intermediate low level policy expressed in UML sequence diagrams into a UML inspired state machine that governs the behavior of a runtime policy enforce-ment mechanism. We believe that the method is both easy to use and useful since it automates much of the policy formalization pr...
Abstract—A fundamental problem in the specification of regulatory privacy policies such as the Healt...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Abstract A precise characterization is given for the class of security policies enforceable with mec...
We present a method for specifying high level security policies that can be enforced by runtime moni...
We present a method for (1) specifying high-level secu-rity policies using UML sequence diagrams and...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
A precise characterization is given for the class of security policies that can be enforced using me...
Abstract In this paper we present a method based on UML sequence diagrams for in-tegrating policy re...
International audienceThis paper presents an approach allowing for a given security and utility requ...
The UML is the de facto standard for system specification, but offers little specialized support for...
A runtime monitor is a program that runs in parallel with an un-trusted application and examines act...
Abstract. We present an approach to monitoring system policies. As a specification language, we use ...
The specification of policies is a crucial aspect in the development of complex systems, since polic...
Abstract. The UML is the de facto standard for system specification, but offers little specialized s...
AbstractSecurity specifications are controls and constraints on the behavior of the software and can...
Abstract—A fundamental problem in the specification of regulatory privacy policies such as the Healt...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Abstract A precise characterization is given for the class of security policies enforceable with mec...
We present a method for specifying high level security policies that can be enforced by runtime moni...
We present a method for (1) specifying high-level secu-rity policies using UML sequence diagrams and...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
A precise characterization is given for the class of security policies that can be enforced using me...
Abstract In this paper we present a method based on UML sequence diagrams for in-tegrating policy re...
International audienceThis paper presents an approach allowing for a given security and utility requ...
The UML is the de facto standard for system specification, but offers little specialized support for...
A runtime monitor is a program that runs in parallel with an un-trusted application and examines act...
Abstract. We present an approach to monitoring system policies. As a specification language, we use ...
The specification of policies is a crucial aspect in the development of complex systems, since polic...
Abstract. The UML is the de facto standard for system specification, but offers little specialized s...
AbstractSecurity specifications are controls and constraints on the behavior of the software and can...
Abstract—A fundamental problem in the specification of regulatory privacy policies such as the Healt...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Abstract A precise characterization is given for the class of security policies enforceable with mec...