Find information:
[5-10]Policies for Security
Date:2011-05-05
Title:Policies for Security
Speaker:Hanne Riis Nielson, The Technical University of Denmark
Speaker:Hanne Riis Nielson, The Technical University of Denmark
Time:10am, Tuesday, May 10
Venue:Lecture room, Level 3 Building #5, Lab for Computer Science, Institute of Software, CAS
Venue:Lecture room, Level 3 Building #5, Lab for Computer Science, Institute of Software, CAS
Abstract:
In this talk we address the challenge of enforcing security policies in a distributed setting. We show how techniques from aspect-oriented programming can be integrated in a coordination approach to system specification thereby providing a clear separation between the functionality and the security policies of programs. Allowing for a distributed definition of advices, that jointly define a security policy, provide for a number of challenges regarding how to deal with conflicts and how to demonstrate that an overall security policy is met. We adapt a rich set of policy composition operators originating from Belnap Logic to provide a uniform treatment of conflicts. We extend the approach to enforcing security policies in a settings involving humans and where a determined attacker always has a chance of circumventing any security. For this we introduce a probabilistic version of Belnap logic and the formalisation of the semantics now gives rise to Markov Decision Processes. We motivate our approach by two examples: a health care scenario and an airport security system. This is joint work with Flemming Nielson (DTU) and Chris Hankin (ICL).
In this talk we address the challenge of enforcing security policies in a distributed setting. We show how techniques from aspect-oriented programming can be integrated in a coordination approach to system specification thereby providing a clear separation between the functionality and the security policies of programs. Allowing for a distributed definition of advices, that jointly define a security policy, provide for a number of challenges regarding how to deal with conflicts and how to demonstrate that an overall security policy is met. We adapt a rich set of policy composition operators originating from Belnap Logic to provide a uniform treatment of conflicts. We extend the approach to enforcing security policies in a settings involving humans and where a determined attacker always has a chance of circumventing any security. For this we introduce a probabilistic version of Belnap logic and the formalisation of the semantics now gives rise to Markov Decision Processes. We motivate our approach by two examples: a health care scenario and an airport security system. This is joint work with Flemming Nielson (DTU) and Chris Hankin (ICL).