共查询到10条相似文献,搜索用时 78 毫秒
1.
Yehia ElrakaibyAuthor Vitae Frédéric CuppensAuthor VitaeNora Cuppens-BoulahiaAuthor Vitae 《Data & Knowledge Engineering》2012,71(1):127-147
Obligations are generally actions that users are required to take and are essential for the expression of a large number of requirements. For instance, obligation actions may represent prerequisites to gain some privilege (pre obligations), to satisfy some ongoing or post requirement for resource usage (ongoing and post obligations), or to adhere to some privacy or availability policy. Obligations may also define states of affairs which should be maintained. An example of such obligations is the obligation “doctors should remain alert while in the operating room”. In this paper, we introduce a formal framework for the management and enforcement of obligation policies. The framework is formalized using concepts from action specification languages and the Event Condition Action paradigm of active databases. Therefore, our framework allows reasoning about change in the state of obligations and, at the same time, provides declarative formal semantics for their enforcement. In this framework, we support many types of obligations and show how to manage obligation activation, fulfillment and violation. 相似文献
2.
3.
4.
5.
6.
针对现有IPSec系统策略机制的不足,本文提出了一种面向应用的IPSec系统策略管理机制,通过监视应用程序的socket活动,实时地设置好相应的IPSec策略,对IP流实施细粒度的、不同等级的保护;同时,提供高级语言形式的策略设置语句,以满足用户添加和修改细粒度IPSec策略的需要;提供解决策略冲突的算法,将相互冲突的需求转化为无冲突的策略。该机制可以提高现有IPSec系统的性能,使其更好地满足网络实际环境的需要。 相似文献
7.
8.
Tom Goovaerts Bart De Win Wouter Joosen 《Electronic Notes in Theoretical Computer Science》2008,197(1):31
State-of-the-art security mechanisms are often enforced in isolation from each other, which limits the kinds of policies that can be enforced in distributed and heterogeneous settings. More specifically, it is hard to enforce application-level policies that affect, or use information from multiple distributed components. This paper proposes the concept of a Security Service Bus (SSB), which is a dedicated communication channel between the applications and the different security mechanisms. The SSB treats the security mechanisms as reusable, stand-alone security services that can be bound to the applications and it allows the enforcement of advanced policies by providing uniform access to application-level information. This leads to a security infrastructure that is more flexible and more manageable and that can enforce more expressive policies. 相似文献
9.
10.
工作流管理系统中规则处理问题研究 总被引:5,自引:0,他引:5
工作流管理技术作为一种重要的过程管理技术,在并行工程、企业过程重组等研究领域都获得了广泛的应用。但其在工程实施中也还存在着明显不足,主要表现在工作流的运行缺乏适应性。针对这个问题,文章讨论了ECA规则的形式化描述,提出了工作流引擎的运行控制单元模型,并在此基础上分别详细讨论了事件与规则的表示与应用。 相似文献