On security policy migrations
On security policy migrations
Citació
- Lobo J, Bertino E, Russos A. On security policy migrations. In: SACMAT '20: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies; 2020 Jun 10-12; Barcelona, Spain. New York: Association for Computing Machinery; 2020. p. 179-88. DOI: 10.1145/3381991.3395613
Enllaç permanent
Descripció
Resum
There has been over the past decade a rapid change towards computational environments that are comprised of large and diverse sets of devices, many of them mobile, which can connect in flexible and context-dependent ways. Examples range from networks where we can have communications between powerful cloud centers, to the myriad of simple sensor devices on the IoT. As the management of these dynamic environments becomes ever more complex, we want to propose policy migrations as a methodology to simplify the management of security policies by re-utilizing and re-deploying existing policies as the systems change. We are interested in understanding the challenges raised answering the following question: given a security policy that is being enforced in a particular source computational device, what does it entail to migrate this policy to be enforced in a different target device? Because of the differences between devices and because these devices cannot be seen in isolation but in the context where they are deployed, the meaning of the policy enforced in the source device needs to be re-interpreted and implemented in the context of the target device. The aim of the paper is to present a formal framework to evaluate the appropriateness of the migration.Descripció
Comunicació presentada al SACMAT '20: The 25th ACM Symposium on Access Control Models and Technologies, celebrat del 10 al 12 de juny de 2020 a Barcelona, Espanya.