实用的政策模式

CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy Pub Date : 2011-02-21 DOI:10.1145/1943513.1943543

D. Thomsen

{"title":"实用的政策模式","authors":"D. Thomsen","doi":"10.1145/1943513.1943543","DOIUrl":null,"url":null,"abstract":"The paper attempts to encourage deeper thinking about the nature of security enforcement policies with the intent of fostering a practical engineering design approach for building security enforcement policy. The paper suggests several approaches to lower the cost of developing security enforcement policies by developing technology to share enforcement policies like open source software, including patterns, isolation of site specific policy and tools to increase the ability of humans to understand the implemented policy. The paper also suggests research avenues for increasing human understanding of enforcement policy.","PeriodicalId":90472,"journal":{"name":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","volume":"293 1-2 1","pages":"225-230"},"PeriodicalIF":0.0000,"publicationDate":"2011-02-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Practical policy patterns\",\"authors\":\"D. Thomsen\",\"doi\":\"10.1145/1943513.1943543\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The paper attempts to encourage deeper thinking about the nature of security enforcement policies with the intent of fostering a practical engineering design approach for building security enforcement policy. The paper suggests several approaches to lower the cost of developing security enforcement policies by developing technology to share enforcement policies like open source software, including patterns, isolation of site specific policy and tools to increase the ability of humans to understand the implemented policy. The paper also suggests research avenues for increasing human understanding of enforcement policy.\",\"PeriodicalId\":90472,\"journal\":{\"name\":\"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy\",\"volume\":\"293 1-2 1\",\"pages\":\"225-230\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-02-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1943513.1943543\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1943513.1943543","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

本文试图鼓励对安全执行策略的本质进行更深入的思考，旨在培养构建安全执行策略的实用工程设计方法。本文提出了几种方法来降低开发安全执行策略的成本，方法包括开发共享执行策略(如开源软件)的技术，包括模式、站点特定策略的隔离以及提高人们理解所实施策略的能力的工具。本文还提出了提高人类对执法政策理解的研究途径。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Practical policy patterns

The paper attempts to encourage deeper thinking about the nature of security enforcement policies with the intent of fostering a practical engineering design approach for building security enforcement policy. The paper suggests several approaches to lower the cost of developing security enforcement policies by developing technology to share enforcement policies like open source software, including patterns, isolation of site specific policy and tools to increase the ability of humans to understand the implemented policy. The paper also suggests research avenues for increasing human understanding of enforcement policy.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy

自引率

0.00%

发文量