Security and management policy specification

被引：79

作者：

Sloman, M ^{[1
]}

Lupu, E ^{[1
]}

机构：

[1] Univ London Imperial Coll Sci Technol & Med, Dept Comp, Distributed Software Engn Sect, London SW7 2AZ, England

来源：

IEEE NETWORK | 2002年 / 16卷 / 02期

基金：

英国工程与自然科学研究理事会;

关键词：

D O I：

10.1109/65.993218

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Policies are rules governing the choices in behavior of a system. They are increasingly being used as a means of implementing flexible and adaptive systems for management of Internet services, networks, and security systems. There is also a need for a common specification of security policy for large-scale multi-organizational systems where access control is implemented in a variety of heterogeneous components. In this article we survey both security and management policy specification approaches, concentrating on practical systems in which the policy specification can be directly translated into an implementation.

引用

页码：10 / 19

页数：10

共 32 条

[1]

AAGEDAL O, 1999, P EDOC 99 GERM SEPT, P60

[2]

*ACM, 1995, P 1 ACM NIST WKSP RO

[3]

BEARDEN M, 2001, INTEGRATING GOAL SPE, P153

[4]

Blanc X., 1999, Proceedings Third International Enterprise Distributed Object Computing. Conference (Cat. No.99EX366), P50, DOI 10.1109/EDOC.1999.792049

[5]

BLAZE M, 1996, IEE C SEC PRIV

[6]

BLAZE M, 1998, SEC PROT INT WKSP CA

[7]

CHEN F, 1995, P 1 ACM NIST ROL BAS

[8]

CORRADI AR, 2000, 16 ANN COMP SEC APP

[9]

Damianou N, 2001, LECT NOTES COMPUT SC, V1995, P18

[10]

DARIMONT R, 1998, P 20 INT C SOFTW ENG, V2, P58

← 1 2 3 4 →