A novel logic-based automatic approach to constructing compliant security policies |
| |
Affiliation: | BAO YiBao1,2,4,YIN LiHua1,FANG BinXing 1,3&GUO Li 1 1Institute of Computing Technology,Chinese Academy of Sciences,Beijing 100190,China;2Institute of Electronic Technology,Information Engineering University,Zhengzhou 450004,China;3Beijing University of Posts and Telecommunications,Beijing 100190,China;4Graduate University,the Chinese Academy of Science,Beijing 100049,China |
| |
Abstract: | It is significant to automatically detect and resolve the incompliance in security policy.Most existing works in this field focus on compliance verification,and few of them provide approaches to automatically correct the incompliant security policies.This paper proposes a novel approach to automatically transform a given security policy into a compliant one.Given security policy Π and delegation policy M declared by logic programs,the approach automatically rewrites Π into a new one ΠM which is compliant with M and is readable by the humans.We prove that the algorithm is sound and complete under noninterference assumption.Formally,we show that the security policy query evaluation algorithm with conflict and unsettlement resolution still works very well on ΠM.The approach is automatic,so it doesn’t require a administrator with excess abilities.In this sense,our proposal can help us to save much manpower resource in security management and improves the security assurance abilities. |
| |
Keywords: | security policy rewriting logic program compliance |
本文献已被 CNKI 等数据库收录! |
|