WEKO3
-
RootNode
アイテム
PoliSeer: A Tool for Managing Complex Security Policies
https://ipsj.ixsq.nii.ac.jp/records/75245
https://ipsj.ixsq.nii.ac.jp/records/7524582a69435-570f-4875-9d22-49bdd987ce56
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL5207008.pdf (1.1 MB)
|
Copyright (c) 2011 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2011-07-15 | |||||||
| タイトル | ||||||||
| タイトル | PoliSeer: A Tool for Managing Complex Security Policies | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | PoliSeer: A Tool for Managing Complex Security Policies | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| キーワード | ||||||||
| 主題Scheme | Other | |||||||
| 主題 | Special Issue on Trust Management | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||
| 資源タイプ | journal article | |||||||
| 著者所属 | ||||||||
| Department of Computer Science and Engineering, University of South Florida | ||||||||
| 著者所属 | ||||||||
| Department of Computer Science and Engineering, University of South Florida | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Department of Computer Science and Engineering, University of South Florida | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Department of Computer Science and Engineering, University of South Florida | ||||||||
| 著者名 |
Daniel, Lomsak
Jay, Ligatti
× Daniel, Lomsak Jay, Ligatti
|
|||||||
| 著者名(英) |
Daniel, Lomsak
Jay, Ligatti
× Daniel, Lomsak Jay, Ligatti
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | Complex software-security policies are difficult to specify, understand, and update. The same is true for complex software in general, but while many tools and techniques exist for decomposing complex general software into simpler reusable modules (packages, classes, functions, aspects, etc.), few tools exist for decomposing complex security policies into simpler reusable modules. The tools that do exist for modularizing policies either encapsulate entire policies as atomic modules that cannot be decomposed or allow fine-grained policy modularization but require expertise to use correctly. This paper presents PoliSeer, a GUI-based tool designed to enable users who are not expert policy engineers to flexibly specify, visualize, modify, and enforce complex runtime policies on untrusted software. PoliSeer users rely on expert policy engineers to specify universally composable policy modules; PoliSeer users then build complex policies by composing those expert-written modules. This paper describes the design and implementation of PoliSeer and a case study in which we have used PoliSeer to specify and enforce a policy on PoliSeer itself. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | Complex software-security policies are difficult to specify, understand, and update. The same is true for complex software in general, but while many tools and techniques exist for decomposing complex general software into simpler reusable modules (packages, classes, functions, aspects, etc.), few tools exist for decomposing complex security policies into simpler reusable modules. The tools that do exist for modularizing policies either encapsulate entire policies as atomic modules that cannot be decomposed or allow fine-grained policy modularization but require expertise to use correctly. This paper presents PoliSeer, a GUI-based tool designed to enable users who are not expert policy engineers to flexibly specify, visualize, modify, and enforce complex runtime policies on untrusted software. PoliSeer users rely on expert policy engineers to specify universally composable policy modules; PoliSeer users then build complex policies by composing those expert-written modules. This paper describes the design and implementation of PoliSeer and a case study in which we have used PoliSeer to specify and enforce a policy on PoliSeer itself. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AN00116647 | |||||||
| 書誌情報 |
情報処理学会論文誌 巻 52, 号 7, p. 2126-2140, 発行日 2011-07-15 |
|||||||
| ISSN | ||||||||
| 収録物識別子タイプ | ISSN | |||||||
| 収録物識別子 | 1882-7764 | |||||||
