Expressing security policies to govern distributed systems is a complex and error-prone task. Policies are hard to understand, often expressed with unfriendly syntax, making it difficult to security administrators and to business analysts to create intelligible specifications. We introduce the Hierarchical Policy Language for Distributed Systems (HiPoLDS ). HiPoLDS has been designed to enable the specification of security policies in distributed systems in a concise, readable, and extensible way. HiPoLDS's design focuses on decentralized execution environments under the control of multiple stakeholders. Policy enforcement employs distributed reference monitors who control the flow of information between services. HiPoLDS allows the definition of both abstract and concrete policies, expressing respectively high-level properties required and concrete implementation details to be ultimately introduced into the service implementation.
HiPoLDS: A security policy language for distributed systems
WISTP 2012, 6th Workshop in Information Security Theory and Practice, June 20-22, 2012, London, UK / To be pusblised also in LCNS, Springer, Volume 7322/2012
Type:
Conférence
City:
London
Date:
2012-06-20
Department:
Sécurité numérique
Eurecom Ref:
3658
Copyright:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in WISTP 2012, 6th Workshop in Information Security Theory and Practice, June 20-22, 2012, London, UK / To be pusblised also in LCNS, Springer, Volume 7322/2012 and is available at : http://dx.doi.org/10.1007/978-3-642-30955-7_10
PERMALINK : https://www.eurecom.fr/publication/3658
