pdfreaders.org

A Framework for Managing and Analyzing Changes of Security Policies

by Achim D. Brucker and Helmut Petritsch

Cover for brucker.ea:framework:2011.Modern enterprise systems need to comply to complex security policies. Due to legal regulations such as Basel II or HIPAA, the enforcement of these security policies needs to be carefully monitored and analyzed. The monitoring of complex and often dynamic access control requirements results in a vast amount of information that needs to be analyzed both in case of incidents and during regular audits.

We present an extensible framework for managing and analyzing security policies during their whole life cycle. Our framework integrates versioning of policies and logfiles with policy animation, static analysis, and debugging techniques. For example, this combination allows for comparing different versions of security policies or the replaying and animation of system traces based on logfiles.

Keywords: security policies, versioning, runtime monitoring
Categories:
Documents: (full text as PDF file)

QR Code for brucker.ea:framework:2011.Please cite this article as follows:
Achim D. Brucker and Helmut Petritsch. A Framework for Managing and Analyzing Changes of Security Policies. In IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY). , pages 105-112, IEEE Computer Society, 2011.
Keywords: security policies, versioning, runtime monitoring
(full text as PDF file) (BibTeX) (Endnote) (RIS) (Word) (doi:10.1109/POLICY.2011.47) (Share article on LinkedIn. Share article on CiteULike. )

BibTeX
@InProceedings{ brucker.ea:framework:2011,
abstract = {Modern enterprise systems need to comply to complex security policies. Due to legal regulations such as Basel II or HIPAA, the enforcement of these security policies needs to be carefully monitored and analyzed. The monitoring of complex and often dynamic access control requirements results in a vast amount of information that needs to be analyzed both in case of incidents and during regular audits.\\\\We present an extensible framework for managing and analyzing security policies during their whole life cycle. Our framework integrates versioning of policies and logfiles with policy animation, static analysis, and debugging techniques. For example, this combination allows for comparing different versions of security policies or the replaying and animation of system traces based on logfiles.},
address = {Los Alamitos, CA, USA},
author = {Achim D. Brucker and Helmut Petritsch},
booktitle = {IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY)},
doi = {10.1109/POLICY.2011.47},
isbn = {978-0-7695-4330-7/11},
keywords = {security policies, versioning, runtime monitoring},
month = {jun},
pages = {105--112},
pdf = {https://www.brucker.ch/bibliography/download/2011/brucker.ea-framework-2011.pdf},
publisher = {IEEE Computer Society},
title = {A Framework for Managing and Analyzing Changes of Security Policies},
url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-framework-2011},
year = {2011},
}