期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2008
卷号:8
期号:2
页码:60-71
出版社:International Journal of Computer Science and Network Security
摘要:A security policy presents a critical component of the overall security architecture and an essential basis on which an effective and comprehensive security program can be developed. Although, this necessity and this criticality, little progress has been made to improve tools of specification and enforcement of security policy. Too often, existent approaches have been restrictive in many ways. This paper presents a declarative approach based on domain specific languages to overcome these problems. We define a language, named PPL (Policy Programming Language), dedicated to systematically specify and to automatically enforce security. Unlike a general-purpose language, PPL offers high-level and declarative constructs, it allows a specification to be checked for consistency, it reduces human error, it simplifies policy analysis, it reduces policy conflicts.
Loading...
