Methods and limitations of security policy reconciliation

Patrick McDaniel; Atul Prakash

doi:10.1109/SECPRI.2002.1004363

Methods and limitations of security policy reconciliation

Patrick McDaniel, Atul Prakash

Research output: Contribution to journal › Article › peer-review

36 Scopus citations

Abstract

A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation, and show that, in the worst-case, reconciliation of three or more policies is intractable. Further, we suggest efficient heuristics for the detection and resolution of intractable reconciliation. Based upon the policy model, we describe the design and implementation of the Ismene policy language. The expressiveness of Ismene, and indirectly of our model, is demonstrated through the representation and exposition of policies supported by existing policy languages. We conclude with brief notes on the integration and enforcement of Ismene policy within the Antigone communication system.

Original language	English (US)
Pages (from-to)	73-87
Number of pages	15
Journal	Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy
DOIs	https://doi.org/10.1109/SECPRI.2002.1004363
State	Published - 2002

All Science Journal Classification (ASJC) codes

Software

Access to Document

10.1109/SECPRI.2002.1004363

Cite this

@article{2e91f2f3fa0d4e88adb714306bdcf056,

title = "Methods and limitations of security policy reconciliation",

abstract = "A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation, and show that, in the worst-case, reconciliation of three or more policies is intractable. Further, we suggest efficient heuristics for the detection and resolution of intractable reconciliation. Based upon the policy model, we describe the design and implementation of the Ismene policy language. The expressiveness of Ismene, and indirectly of our model, is demonstrated through the representation and exposition of policies supported by existing policy languages. We conclude with brief notes on the integration and enforcement of Ismene policy within the Antigone communication system.",

author = "Patrick McDaniel and Atul Prakash",

year = "2002",

doi = "10.1109/SECPRI.2002.1004363",

language = "English (US)",

pages = "73--87",

journal = "Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy",

issn = "1063-7109",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Methods and limitations of security policy reconciliation

AU - McDaniel, Patrick

AU - Prakash, Atul

PY - 2002

Y1 - 2002

N2 - A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation, and show that, in the worst-case, reconciliation of three or more policies is intractable. Further, we suggest efficient heuristics for the detection and resolution of intractable reconciliation. Based upon the policy model, we describe the design and implementation of the Ismene policy language. The expressiveness of Ismene, and indirectly of our model, is demonstrated through the representation and exposition of policies supported by existing policy languages. We conclude with brief notes on the integration and enforcement of Ismene policy within the Antigone communication system.

AB - A security policy is a means by which participant session requirements are specified. However, existing frameworks provide limited facilities for the automated reconciliation of participant policies. This paper considers the limits and methods of reconciliation in a general-purpose policy model. We identify an algorithm for efficient two-policy reconciliation, and show that, in the worst-case, reconciliation of three or more policies is intractable. Further, we suggest efficient heuristics for the detection and resolution of intractable reconciliation. Based upon the policy model, we describe the design and implementation of the Ismene policy language. The expressiveness of Ismene, and indirectly of our model, is demonstrated through the representation and exposition of policies supported by existing policy languages. We conclude with brief notes on the integration and enforcement of Ismene policy within the Antigone communication system.

UR - http://www.scopus.com/inward/record.url?scp=0036086451&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0036086451&partnerID=8YFLogxK

U2 - 10.1109/SECPRI.2002.1004363

DO - 10.1109/SECPRI.2002.1004363

M3 - Article

AN - SCOPUS:0036086451

SN - 1063-7109

SP - 73

EP - 87

JO - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy

JF - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy

ER -

Methods and limitations of security policy reconciliation

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this