Deriving enforcement mechanisms for policies
Policies provide a flexible and scalable approach to the management of distributed systems by separating the specification of security requirements and their enforcement. This paper addresses the development of enforcement mechanisms from a theoretical perspective and shows how enforcement code can be formally derived for compositional, history-dependent policies that can change dynamically over time or on the occurrence of events. The work is currently supported by the MoD-funded DIF-DTC projects: "Secure and Trusted Agents for Information Fusion" and "Trust Management in Collaborative Systems". The technology behind this work is known as SANTA which is now being exploited by GD Ltd.
Citation : Zedan, H. et al. (2007) Deriving enforcement mechanisms for policies, Proceedings of the 8th IEEE International workshop on policies for distributed systems and networks policy 2007, pp. 161-170.
ISBN : 0-7695-2767-1
Research Group : Software Technology Research Laboratory (STRL)
Research Institute : Cyber Technology Institute (CTI)