International audienceThis paper presents an approach allowing for a given security and utility requirements, the selection of a combination of mechanisms and the way it will be applied to enforce them. To achieve this goal, we firstly use an expressive formal language to specify the security and utility properties required by data owners and the security mechanisms that can be used to enforce them. Second, we extend and use a Graphplan-based approach to build a planning graph representing all possible transformations of the system resulting from the application of security mechanisms. Finally, we define a method to search the best security mechanisms execution plan to transform the used system from its initial state to a state in which the...
One of the best ways to protect an organization’s assets is to implement security requirements...
Security policies in organisations typically take the form of obligations for the employees. However...
Abstract Security policies are ubiquitous in information systems and more generally in the managemen...
International audienceThis paper presents an approach allowing for a given security and utility requ...
A method must be provided to support the analysis of security policy rules interdependencies in a (p...
A method must be provided to support the analysis of security policy rules interdependencies in a (p...
International audienceThis paper presents a well-founded language allowing in one hand data owners t...
AbstractGraph-based specification formalisms for access control (AC) policies combine the advantages...
Graph-based specification formalisms for access control (AC) policies combine the advantages of an i...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
Abstract — Verified and validated security policies are essential components of high assurance compu...
We present a method for specifying high level security policies that can be enforced by runtime moni...
Abstract—Graph-based assessment formalisms have proven to be useful in the safety, dependability, an...
We present a method for specifying high level security policies that can be en-forced by runtime mon...
A precise characterization is given for the class of security policies that can be enforced using me...
One of the best ways to protect an organization’s assets is to implement security requirements...
Security policies in organisations typically take the form of obligations for the employees. However...
Abstract Security policies are ubiquitous in information systems and more generally in the managemen...
International audienceThis paper presents an approach allowing for a given security and utility requ...
A method must be provided to support the analysis of security policy rules interdependencies in a (p...
A method must be provided to support the analysis of security policy rules interdependencies in a (p...
International audienceThis paper presents a well-founded language allowing in one hand data owners t...
AbstractGraph-based specification formalisms for access control (AC) policies combine the advantages...
Graph-based specification formalisms for access control (AC) policies combine the advantages of an i...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
Abstract — Verified and validated security policies are essential components of high assurance compu...
We present a method for specifying high level security policies that can be enforced by runtime moni...
Abstract—Graph-based assessment formalisms have proven to be useful in the safety, dependability, an...
We present a method for specifying high level security policies that can be en-forced by runtime mon...
A precise characterization is given for the class of security policies that can be enforced using me...
One of the best ways to protect an organization’s assets is to implement security requirements...
Security policies in organisations typically take the form of obligations for the employees. However...
Abstract Security policies are ubiquitous in information systems and more generally in the managemen...