Add to ORKGDuring our fieldwork with real-world organizations---including those in Public Key Infrastructure (PKI), network configuration management, and the electrical power grid---we repeatedly noticed that security policies and related security artifacts are hard to manage. We observed three core limitations of security policy analysis that contribute to this difficulty. First, there is a gap between policy languages and the tools available to practitioners. Traditional Unix text-processing tools are useful, but practitioners cannot use these tools to operate on the high-level languages in which security policies are expressed and implemented. Second, practitioners cannot process policy at multiple levels of abstraction but they need this capabilit...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
The evolution of technological progress continually presents new information security challenges for...
This dissertation generalizes traditional models of security policies, from specifications of whethe...
NSA's Security-Enhanced (SE) Linux enhances Linux by providing a specification language for sec...
We describe a system called Miro for specifying and checking security constraints. Our system is gen...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
"Security" is hard to formalize, hard to design (and design for), hard to implement, hard to verify,...
This paper presents RX, a new security-typed programming language with features intended to make the...
AbstractLanguage-based security approaches to access control and information flow control must at so...
A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for t...
Information Systems today rarely are contained within a single user workstation, server, or networke...
Despite the availability of powerful mechanisms for security policy and access control, real-world i...
Computer security policies often are stated informally in terms of confidentiality, integrity, and av...
Security policy specification languages are a response to today\u27s complex and vulnerable software...
System administrators specify the access control policy they want and implement the relevant configu...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
The evolution of technological progress continually presents new information security challenges for...
This dissertation generalizes traditional models of security policies, from specifications of whethe...
NSA's Security-Enhanced (SE) Linux enhances Linux by providing a specification language for sec...
We describe a system called Miro for specifying and checking security constraints. Our system is gen...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
"Security" is hard to formalize, hard to design (and design for), hard to implement, hard to verify,...
This paper presents RX, a new security-typed programming language with features intended to make the...
AbstractLanguage-based security approaches to access control and information flow control must at so...
A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for t...
Information Systems today rarely are contained within a single user workstation, server, or networke...
Despite the availability of powerful mechanisms for security policy and access control, real-world i...
Computer security policies often are stated informally in terms of confidentiality, integrity, and av...
Security policy specification languages are a response to today\u27s complex and vulnerable software...
System administrators specify the access control policy they want and implement the relevant configu...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
The evolution of technological progress continually presents new information security challenges for...
This dissertation generalizes traditional models of security policies, from specifications of whethe...