{"title":"分布式系统基于策略安全的DSL框架","authors":"Hédi Hamdi, M. Mosbah","doi":"10.1109/SSIRI.2009.43","DOIUrl":null,"url":null,"abstract":"Securing distributed systems remains a significant challenge for several reasons. First, the security features required in an application may depend on the environment in which the application is operating, the type of data exchanged, and the capability of the end-points of communication. Second, the security mechanisms deployed could apply to both communication and application layers in the system, making it difficult to understand and manage overall system security. This paper presents a policy-based approach to meeting these needs. We propose a framework based on a Domain-Specific Language for the specification, verification and implementation of security policies for distributed systems. Based on a set of abstractions, this framework allows to develop modular security policies and independent of the underlying system. Thus, security policies can be developed by a developer who is not necessarily computer security expert.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"A DSL Framework for Policy-Based Security of Distributed Systems\",\"authors\":\"Hédi Hamdi, M. Mosbah\",\"doi\":\"10.1109/SSIRI.2009.43\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Securing distributed systems remains a significant challenge for several reasons. First, the security features required in an application may depend on the environment in which the application is operating, the type of data exchanged, and the capability of the end-points of communication. Second, the security mechanisms deployed could apply to both communication and application layers in the system, making it difficult to understand and manage overall system security. This paper presents a policy-based approach to meeting these needs. We propose a framework based on a Domain-Specific Language for the specification, verification and implementation of security policies for distributed systems. Based on a set of abstractions, this framework allows to develop modular security policies and independent of the underlying system. Thus, security policies can be developed by a developer who is not necessarily computer security expert.\",\"PeriodicalId\":196276,\"journal\":{\"name\":\"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement\",\"volume\":\"17 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-07-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SSIRI.2009.43\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SSIRI.2009.43","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A DSL Framework for Policy-Based Security of Distributed Systems
Securing distributed systems remains a significant challenge for several reasons. First, the security features required in an application may depend on the environment in which the application is operating, the type of data exchanged, and the capability of the end-points of communication. Second, the security mechanisms deployed could apply to both communication and application layers in the system, making it difficult to understand and manage overall system security. This paper presents a policy-based approach to meeting these needs. We propose a framework based on a Domain-Specific Language for the specification, verification and implementation of security policies for distributed systems. Based on a set of abstractions, this framework allows to develop modular security policies and independent of the underlying system. Thus, security policies can be developed by a developer who is not necessarily computer security expert.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
