Security Policy Consistency
Carlos Ribeiro, Andre Zuquete, Paulo Ferreira, Paulo Guedes

TL;DR
This paper presents a tool based on the CHR language that detects various inconsistencies within and across security policies and workflow specifications, addressing a broad and previously underexplored problem.
Contribution
It introduces a novel approach using CHR to identify multiple types of security policy inconsistencies, filling a gap in existing conflict detection methods.
Findings
The tool successfully detects multiple inconsistency types.
It handles inconsistencies within individual policies and between policies and workflows.
It addresses a broad range of security policy conflicts.
Abstract
With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies within security policies becomes harder and more relevant. We have defined a tool based on the CHR language which is able to detect several types of inconsistencies within and between security policies and other specifications, namely workflow specifications. Although the problem of security conflicts has been addressed by several authors, to our knowledge none has addressed the general problem of security inconsistencies, in its several definitions and target specifications.
Taxonomy
Topics: Access Control and Trust · Security and Verification in Computing · Information and Cyber Security
