Management of Exceptions on Access Control Policies
| Contribuinte(s) |
K-ryptography and Information Security for Open Networks. KISON |
|---|---|
| Resumo |
Peer-reviewed The use of languages based on positive or negative expressiveness is very common for the deployment of security policies (i.e., deployment of permissions and prohibitions on firewalls through single-handed positive or negative condition attributes). Although these languages may allow us to specify any policy, the single use of positive or negative statements alone leads to complex configurations when excluding some specific cases of general rules that should always apply. In this paper we survey such a management and study existing solutions, such as ordering of rules and segmentation of condition attributes, in order to settle this lack of expressiveness. |
| Identificador | |
| Idioma(s) |
eng |
| Direitos |
Consulteu les condicions d'ús d'aquest document en el repositori original:<a href="http://hdl.handle.net/10609/1416">http://hdl.handle.net/10609/1416</a> |
| Fonte |
http://hdl.handle.net/10363/614 |
| Palavras-Chave | #Computer networks -- Security measures #Computer security #Firewalls (Computer security) #Ordinadors, Xarxes d' -- Mesures de seguretat #Informàtica -- Mesures de seguretat #Tallafocs (Seguretat informàtica) #Ordenadores, Redes de -- Medidas de seguridad #Informática -- Medidas de seguridad #Cortafuegos (Seguridad informática) |
| Tipo |
Conference lecture |
