Date Added: Jan 2010
A key issue in network security management is how to define a formal security policy. A good policy specification should be easy to get right and relatively stable, even in a dynamically changing network. Much work has been done in automating network security management. But the policy languages used are usually operational and do not explicitly express the underlying security goal. The paper proposes an approach where policy is defined as statements of desired security properties, whose compliance can be checked automatically by analyzing the configuration of the network. The paper uses a simple policy model, the Data Access-Control List (DACL) to demonstrate this idea.