-
- Lomsak Daniel
- Department of Computer Science and Engineering, University of South Florida
-
- Ligatti Jay
- Department of Computer Science and Engineering, University of South Florida
この論文をさがす
抄録
Complex software-security policies are difficult to specify, understand, and update. The same is true for complex software in general, but while many tools and techniques exist for decomposing complex general software into simpler reusable modules (packages, classes, functions, aspects, etc.), few tools exist for decomposing complex security policies into simpler reusable modules. The tools that do exist for modularizing policies either encapsulate entire policies as atomic modules that cannot be decomposed or allow fine-grained policy modularization but require expertise to use correctly. This paper presents PoliSeer, a GUI-based tool designed to enable users who are not expert policy engineers to flexibly specify, visualize, modify, and enforce complex runtime policies on untrusted software. PoliSeer users rely on expert policy engineers to specify universally composable policy modules; PoliSeer users then build complex policies by composing those expert-written modules. This paper describes the design and implementation of PoliSeer and a case study in which we have used PoliSeer to specify and enforce a policy on PoliSeer itself.
収録刊行物
-
- Journal of Information Processing
-
Journal of Information Processing 19 292-306, 2011
一般社団法人 情報処理学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1390001205295197184
-
- NII論文ID
- 170000144627
- 110008508040
-
- NII書誌ID
- AN00116647
-
- ISSN
- 18827764
- 18827837
- 18826652
- 03875806
-
- NDL書誌ID
- 024148553
-
- 本文言語コード
- en
-
- データソース種別
-
- JaLC
- IRDB
- NDL
- Crossref
- CiNii Articles
-
- 抄録ライセンスフラグ
- 使用不可