Evaluating the comprehensive complexity of authorization-based access control policies using quantitative metrics





1 RST - Département Réseaux et Services de Télécommunications
2 SAMOVAR - Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux
3 R3S-SAMOVAR - Réseaux, Systèmes, Services, Sécurité; SAMOVAR - Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux

Abstract: Access control models allow flexible authoring and management of security policies, using high-level statements. They enable the expression of structured and expressive policies. However, they have an impact on the policy characteristics. The complexity of such policies is one of the affected characteristics. We propose a series of quantitative metrics to assess the comprehensive complexity of policies. By comprehensive, we mean the difficulty of understanding a policy by administrators. We formalize the concepts of authorization-based access control models, to propose general metrics regardless of the model. We also show the application of the proposed metrics through a content management system (CMS) policy example. We outline a proof-of-concept to evaluate the feasibility of our proposal, based on SELinux policies for a general-purpose CMS.

Keywords: ICT security; Authorization; Access control; Quantitative security; Security assurance; Security metrics





Authors: Malek Belhaouane, Joaquin Garcia-Alfaro, Hervé Debar

Source: https://hal.archives-ouvertes.fr/


