A Framework for Managing and Analyzing Changes of Security Policies

By Achim D. Brucker and Helmut Petritsch.

Modern enterprise systems need to comply with complex security policies. Due to legal regulations such as Basel II or HIPAA, the enforcement of these security policies needs to be carefully monitored and analyzed. Monitoring complex and often dynamic access control requirements produces a vast amount of information that must be analyzed both in case of incidents and during regular audits.

We present an extensible framework for managing and analyzing security policies during their whole life cycle. Our framework integrates versioning of policies and logfiles with policy animation, static analysis, and debugging techniques. For example, this combination allows comparing different versions of a security policy, or replaying and animating system traces reconstructed from logfiles.
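To make the two use cases named above concrete (diffing policy versions, and replaying a logged trace against versioned policies), here is an added, self-contained illustration. It is not code from the paper's framework: the policy model (ordered allow/deny rules with first-applicable semantics and default deny), the log format, the version history and all sample entries are assumptions constructed for this example.

```python
"""Replay an access-control log against versioned policies and diff decisions.

Added illustration, not code from the Brucker/Petritsch framework. The policy
model (ordered allow/deny rules, first-applicable wins, default deny), the log
line format and the sample data are all assumptions made for this example.
"""
from dataclasses import dataclass
from datetime import datetime
from fnmatch import fnmatch
from typing import List, Tuple


@dataclass(frozen=True)
class Rule:
    role: str      # subject role, "*" matches any
    action: str    # e.g. "read", "write", "*"
    resource: str  # glob over resource names, e.g. "patient/*"
    effect: str    # "allow" or "deny"

    def matches(self, role: str, action: str, resource: str) -> bool:
        return (fnmatch(role, self.role) and fnmatch(action, self.action)
                and fnmatch(resource, self.resource))


@dataclass(frozen=True)
class PolicyVersion:
    version: int
    effective_from: datetime
    rules: Tuple[Rule, ...]


@dataclass(frozen=True)
class LogEntry:
    ts: datetime
    user: str
    role: str
    action: str
    resource: str
    decision: str  # decision the enforcement point recorded at the time


def evaluate(policy: PolicyVersion, role: str, action: str, resource: str) -> str:
    """First applicable rule wins; no matching rule means deny."""
    for rule in policy.rules:
        if rule.matches(role, action, resource):
            return rule.effect
    return "deny"


def parse_log(lines: List[str]) -> List[LogEntry]:
    """Assumed format: '<iso-timestamp> <user> <role> <action> <resource> <decision>'."""
    entries = []
    for line in lines:
        ts, user, role, action, resource, decision = line.split()
        entries.append(LogEntry(datetime.fromisoformat(ts), user, role, action, resource, decision))
    return entries


def policy_in_force(history: List[PolicyVersion], ts: datetime) -> PolicyVersion:
    """Latest version whose effective_from <= ts (history sorted ascending)."""
    current = history[0]
    for p in history:
        if p.effective_from <= ts:
            current = p
    return current


def audit_log(history: List[PolicyVersion], entries: List[LogEntry]):
    """Entries whose recorded decision disagrees with the version in force at that time."""
    mismatches = []
    for e in entries:
        p = policy_in_force(history, e.ts)
        expected = evaluate(p, e.role, e.action, e.resource)
        if expected != e.decision:
            mismatches.append((e, p.version, expected))
    return mismatches


def diff_versions(old: PolicyVersion, new: PolicyVersion, entries: List[LogEntry]):
    """Replay the same trace under two versions; report requests whose decision changes."""
    changed = []
    for e in entries:
        a = evaluate(old, e.role, e.action, e.resource)
        b = evaluate(new, e.role, e.action, e.resource)
        if a != b:
            changed.append((e, a, b))
    return changed


# Constructed version history: v2 adds a deny on billing writes and an auditor role.
POLICY_HISTORY = [
    PolicyVersion(1, datetime(2011, 1, 1), (
        Rule("doctor", "read", "patient/*", "allow"),
        Rule("doctor", "write", "patient/*", "allow"),
        Rule("nurse", "read", "patient/*", "allow"),
    )),
    PolicyVersion(2, datetime(2011, 3, 1), (
        Rule("*", "write", "patient/*/billing", "deny"),
        Rule("doctor", "read", "patient/*", "allow"),
        Rule("doctor", "write", "patient/*", "allow"),
        Rule("nurse", "read", "patient/*", "allow"),
        Rule("auditor", "read", "log/*", "allow"),
    )),
]

# Constructed log lines; the third one was recorded after v2 took effect but still allows.
SAMPLE_LOG = [
    "2011-02-10T09:00:00 alice doctor write patient/42/billing allow",
    "2011-02-11T10:30:00 bob nurse write patient/42/record deny",
    "2011-03-05T08:15:00 alice doctor write patient/42/billing allow",
    "2011-03-06T12:00:00 carol auditor read log/2011-03 allow",
    "2011-03-07T13:00:00 bob nurse read patient/7/record allow",
]


def run_example():
    entries = parse_log(SAMPLE_LOG)
    return audit_log(POLICY_HISTORY, entries), diff_versions(POLICY_HISTORY[0], POLICY_HISTORY[1], entries)


if __name__ == "__main__":
    mismatches, changes = run_example()
    for e, version, expected in mismatches:
        print(f"AUDIT {e.ts} {e.user}: recorded {e.decision}, v{version} says {expected}")
    for e, a, b in changes:
        print(f"DIFF  {e.ts} {e.user} {e.action} {e.resource}: v1={a} v2={b}")
```

The audit pass catches the entry at 2011-03-05, where the enforcement point still returned `allow` after version 2 had taken effect; the diff pass shows which logged requests would be decided differently by the two versions, which is the question an auditor asks before rolling a policy change out.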

Keywords:
Security Policies, Versioning, Runtime Monitoring

Please cite this work as follows:
A. D. Brucker and H. Petritsch, “A framework for managing and analyzing changes of security policies,” in IEEE international symposium on policies for distributed systems and networks (POLICY), Jun. 2011, pp. 105–112. doi: 10.1109/POLICY.2011.47. Author copy: https://logicalhacking.com/publications/brucker.ea-framework-2011/

BibTeX
@InProceedings{ brucker.ea:framework:2011,
  author    = {Achim D. Brucker and Helmut Petritsch},
  title     = {A Framework for Managing and Analyzing Changes of Security
               Policies},
  booktitle = {IEEE International Symposium on Policies for Distributed
               Systems and Networks (POLICY) },
  areas     = {security},
  year      = {2011},
  month     = {jun},
  abstract  = {Modern enterprise systems need to comply to complex security
               policies. Due to legal regulations such as Basel II or HIPAA,
               the enforcement of these security policies needs to be
               carefully monitored and analyzed. The monitoring of complex
               and often dynamic access control requirements results in a
               vast amount of information that needs to be analyzed both in
               case of incidents and during regular audits.
               
               We present an extensible framework for managing and analyzing
               security policies during their whole life cycle. Our framework
               integrates versioning of policies and logfiles with policy
               animation, static analysis, and debugging techniques. For
               example, this combination allows for comparing different
               versions of security policies or the replaying and animation
               of system traces based on logfiles.},
  publisher = {IEEE Computer Society },
  address   = {Los Alamitos, CA, USA },
  keywords  = {Security Policies, Versioning, Runtime Monitoring},
  doi       = {10.1109/POLICY.2011.47},
  pages     = {105--112},
  isbn      = {978-0-7695-4330-7/11},
  note      = {Author copy: \url{https://logicalhacking.com/publications/brucker.ea-framework-2011/}},
  pdf       = {https://logicalhacking.com/publications/brucker.ea-framework-2011/brucker.ea-framework-2011.pdf},
}