There exist many approaches to specify and to define security policies. We present here a framework in which the basic components of security policies can be expressed, and we identify their role in the description of a policy, of a system and of a secure system. In this setting, we formally describe two approaches to define policies, and we relate them: the rule-based approach consists of specifying the conditions under which an action is granted and, the property-based approach consists of specifying the security properties the policy aims to enforce. We also show how a policy can be applied to constrain an existing system, and how a secure system can be defined from a security policy. © 2010 Springer-Verlag.
CITATION STYLE
Jaume, M. (2010). Security rules versus security properties. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6503 LNCS, pp. 231–245). https://doi.org/10.1007/978-3-642-17714-9_17
Mendeley helps you to discover research relevant for your work.