A. Armando, Silvio Ranise, Riccardo Traverso, K. Wrona
{"title":"基于smt的工具,用于分析和执行北约基于内容的保护和发布政策","authors":"A. Armando, Silvio Ranise, Riccardo Traverso, K. Wrona","doi":"10.1145/2752952.2752954","DOIUrl":null,"url":null,"abstract":"NATO is developing a new IT infrastructure for automated information sharing between different information security domains and supporting dynamic and flexible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of NATO access control policies. While the ability to define fine-grained security policies for a large variety of users, resources, and devices is desirable, their definition, maintenance, and enforcement can be difficult, time-consuming, and error prone. In this paper, we give an overview of a tool capable of assisting NATO security personnel in these tasks by automatically solving several policy analysis problems of practical interest. The tool levarages state-of-the-art SMT solvers.","PeriodicalId":305802,"journal":{"name":"Proceedings of the 20th ACM Symposium on Access Control Models and Technologies","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A SMT-based Tool for the Analysis and Enforcement of NATO Content-based Protection and Release Policies\",\"authors\":\"A. Armando, Silvio Ranise, Riccardo Traverso, K. Wrona\",\"doi\":\"10.1145/2752952.2752954\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"NATO is developing a new IT infrastructure for automated information sharing between different information security domains and supporting dynamic and flexible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of NATO access control policies. While the ability to define fine-grained security policies for a large variety of users, resources, and devices is desirable, their definition, maintenance, and enforcement can be difficult, time-consuming, and error prone. In this paper, we give an overview of a tool capable of assisting NATO security personnel in these tasks by automatically solving several policy analysis problems of practical interest. The tool levarages state-of-the-art SMT solvers.\",\"PeriodicalId\":305802,\"journal\":{\"name\":\"Proceedings of the 20th ACM Symposium on Access Control Models and Technologies\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 20th ACM Symposium on Access Control Models and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2752952.2752954\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 20th ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2752952.2752954","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A SMT-based Tool for the Analysis and Enforcement of NATO Content-based Protection and Release Policies
NATO is developing a new IT infrastructure for automated information sharing between different information security domains and supporting dynamic and flexible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of NATO access control policies. While the ability to define fine-grained security policies for a large variety of users, resources, and devices is desirable, their definition, maintenance, and enforcement can be difficult, time-consuming, and error prone. In this paper, we give an overview of a tool capable of assisting NATO security personnel in these tasks by automatically solving several policy analysis problems of practical interest. The tool levarages state-of-the-art SMT solvers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
