Security rules versus Security properties - Sorbonne Université Access content directly
Conference Papers Year : 2010

Security rules versus Security properties


There exist many approaches to specify and to define security policies. We present here a framework in which the basic components of security policies can be expressed, and we identify their role in the description of a policy, of a system and of a secure system. In this setting, we formally describe two approaches to define policies, and we relate them: the rule-based approach consists of specifying the conditions under which an action is granted and, the property-based approach consists of specifying the security properties the policy aims to enforce. We also show how a policy can be applied to constrain an existing system, and how a secure system can be defined from a security policy.
Fichier principal
Vignette du fichier
jaume.pdf (216.82 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-00593937 , version 1 (18-05-2011)



Mathieu Jaume. Security rules versus Security properties. Sixth International Conference on Information Systems Security (ICISS 2010), Dec 2010, Gandhinagar, India. pp.231-245, ⟨10.1007/978-3-642-17714-9_17⟩. ⟨hal-00593937⟩
132 View
172 Download



Gmail Mastodon Facebook X LinkedIn More