Security policies determine which security requirements have to be met in a domain and how they are implemented organizationally and/or technically. However, their specification at run-time poses a challenge for policy authors (e.g., IT administrators or end users), especially if they are inexperienced in this task. Thus, specification interfaces have to guide the policy author during the specification process. However, matching appropriate specification processes to the policy authors' individual needs is challenging due to a high variability in the authors' skill levels and security perceptions. In this paper, we identify existing specification approaches, derive generic specification paradigms and show the feasibility of one of them in a...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
Security policies determine which security requirements have to be met in a domain and how they are ...
Security policies are an established way for specifying security demands. However, stakeholders are ...
The technical or organizational enforcement of security policies is a necessity for modern enterpris...
This paper analyses the problem of specifying a security policy for organizations. First, various is...
Abstract—This paper develops a prototyping technique for information systems security policies. Star...
Security Policies constitute the core of network protection infrastructures. However, their developm...
Users want to gain more self-determination in the form of self-responsible definition and control of...
International audienceThis paper presents a comparative study of policy specification lan- guages. O...
The configuration and management of security controls and applications is complex and not well under...
Abstract Security policies are ubiquitous in information systems and more generally in the managemen...
Abstract—Policies can be used for the configuration and management of existing services, possibly at...
Policies, in particular security policies, are typically modelled using access control lists. This t...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
Security policies determine which security requirements have to be met in a domain and how they are ...
Security policies are an established way for specifying security demands. However, stakeholders are ...
The technical or organizational enforcement of security policies is a necessity for modern enterpris...
This paper analyses the problem of specifying a security policy for organizations. First, various is...
Abstract—This paper develops a prototyping technique for information systems security policies. Star...
Security Policies constitute the core of network protection infrastructures. However, their developm...
Users want to gain more self-determination in the form of self-responsible definition and control of...
International audienceThis paper presents a comparative study of policy specification lan- guages. O...
The configuration and management of security controls and applications is complex and not well under...
Abstract Security policies are ubiquitous in information systems and more generally in the managemen...
Abstract—Policies can be used for the configuration and management of existing services, possibly at...
Policies, in particular security policies, are typically modelled using access control lists. This t...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...