Policies provide a flexible and scalable approach to the management of distributed systems by separating the specification of security requirements and their enforcement. This paper addresses the development of enforcement mechanisms from a theoretical perspective and shows how enforcement code can be formally derived for compositional, history-dependent policies that can change dynamically over time or on the occurrence of events. The work is currently supported by the MoD-funded DIF-DTC projects: "Secure and Trusted Agents for Information Fusion" and "Trust Management in Collaborative Systems". The technology behind this work is known as SANTA which is now being exploited by GD Ltd
We introduce a mechanism for the verification of real-time integrity policies about the operation of...
A precise characterization is given for the class of security policies that can be enforced using me...
Even though policy enforcement has been studied from different angles including notation, negotiatio...
Policy enforcement, or making sure that software behaves in line with a set of rules, is a problem o...
The paper is a deliverable for the DIF-DTC project "Secure and Trusted Agents for Information Fusion...
This thesis explores defining security policies in a decentralized setting and dynamic methods of en...
Security in computer systems is concerned with protecting resources from unauthorized access while e...
A large extent of today's computer programs is distributed. For instance, services for backups, fil...
Abstract. We revisit Schneider’s work on policy enforcement by ex-ecution monitoring. We overcome li...
Policy-based management (PBM) is an adaptable security policy mechanism in information systems (IS) ...
The paper is a deliverable for the DIF-DTC project "Secure and Trusted Agents for Information Fusion...
Usage control policies specify restrictions on the handling of data after access has been granted. W...
Policies are rules that govern the choices in behaviour of a system. Security policies define what a...
AbstractWe introduce a mechanism for the verification of real-time integrity policies about the oper...
<p>Computer and network security has become of paramount importance in our everyday lives. Cyber att...
We introduce a mechanism for the verification of real-time integrity policies about the operation of...
A precise characterization is given for the class of security policies that can be enforced using me...
Even though policy enforcement has been studied from different angles including notation, negotiatio...
Policy enforcement, or making sure that software behaves in line with a set of rules, is a problem o...
The paper is a deliverable for the DIF-DTC project "Secure and Trusted Agents for Information Fusion...
This thesis explores defining security policies in a decentralized setting and dynamic methods of en...
Security in computer systems is concerned with protecting resources from unauthorized access while e...
A large extent of today's computer programs is distributed. For instance, services for backups, fil...
Abstract. We revisit Schneider’s work on policy enforcement by ex-ecution monitoring. We overcome li...
Policy-based management (PBM) is an adaptable security policy mechanism in information systems (IS) ...
The paper is a deliverable for the DIF-DTC project "Secure and Trusted Agents for Information Fusion...
Usage control policies specify restrictions on the handling of data after access has been granted. W...
Policies are rules that govern the choices in behaviour of a system. Security policies define what a...
AbstractWe introduce a mechanism for the verification of real-time integrity policies about the oper...
<p>Computer and network security has become of paramount importance in our everyday lives. Cyber att...
We introduce a mechanism for the verification of real-time integrity policies about the operation of...
A precise characterization is given for the class of security policies that can be enforced using me...
Even though policy enforcement has been studied from different angles including notation, negotiatio...