User-oriented Network Security Policy
Specification 1Politecnico
di Torino, DAUIN, corso duca
degli Abruzzi 24, Turin, Italy {fulvio.valenza, antonio.lioy}@polito.it
Abstract The configuration of security controls and
applications is complex and not well understood by the majority of end-users
(i.e. it typically requires specific skills). The security policy language
simplifies this task and reduces the number of errors and anomalies. This
paper proposes the specification of the two mechanisms for defining user’s
security policies, namely High-level Security Policy Language (HSPL) and
Medium-level Security Policy Language (MSPL). HSPL is suitable for expressing
the protection requirements of typical non-technical users, while MSPL is a
lower-level abstraction useful for expressing specific configurations of
security controls in a generic format (as such it is more appealing for
technical users). Keywords: network security policy, security
requirement, policy refinement +: Corresponding author: Fulvio Valenza
Journal
of Internet Services and Information Security
(JISIS), 8(2): 33-47, May 2018
|