Executable Security Policies: Specification and Validation of Security Policies

Free registration required

Executive Summary

Security Policies constitute the core of network protection infrastructures. However, their development is a sensitive task because it can be in opposition with the security requirements (e.g. lack of rule or conflicting rules). A specification task seems to be indispensible in order to clarify the desired exigencies. A validation process for security policies becomes then necessary before their deployment to avoid resources network damages. Nowadays, there is no automated tool in the network security world allowing such task. Moreover, the authors have found that the theory developed for this aim in the software engineering domain can be adapted for security policies because several similarities exist between the expressions of the needs in the two domains as mentioned in several studies.

  • Format: PDF
  • Size: 400.3 KB