Skip to main content
Springer Nature Link
Log in

Towards an Algebra for Security Policies

(Extended Abstract)

  • Conference paper
Applications and Theory of Petri Nets 2005 (ICATPN 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3536))

Included in the following conference series:

Abstract

Clashing security policies leads to vulnerabilities. Violating security policies leads to vulnerabilities. A system today operates in the context of a multitude of security policies, often one per application, one per process, one per user. The more security policies that have to be simultaneously satisfied, the more likely the possibility of a clash or violation, and hence the more vulnerable our system is to attack. Moreover, over time a system’s security policies will change. These changes occur at small-scale time steps, e.g., using setuid to temporarily grant a process additional access rights; and at large-scale time steps, e.g., when a user changes his browser’s security settings. We address the challenge of determining when a system is in a consistent state in the presence of diverse, numerous, and dynamic interacting security policies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Dean, D., Felten, E.W., Wallach, D.S.: Java Security: From HotJava to Netscape and Beyond. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, Oakland, CA (May 1996)

    Google Scholar 

  2. Nielson, S., Fogarty, S.J., Wallach, D.S.: Attacks on Local Searching Tools. Technical Report TR04-445, Department of Computer Science, Rice University (December 2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, One Microsoft Way, Redmond, WA, 98052

    Jon Pincus

  2. Computer Science Department, Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA, 15213

    Jeannette M. Wing

Authors
  1. Jon Pincus
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jeannette M. Wing
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. UC Riverside,  

    Gianfranco Ciardo

  2. IRISA, CNRS & INRIA, Rennes, France

    Philippe Darondeau

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pincus, J., Wing, J.M. (2005). Towards an Algebra for Security Policies. In: Ciardo, G., Darondeau, P. (eds) Applications and Theory of Petri Nets 2005. ICATPN 2005. Lecture Notes in Computer Science, vol 3536. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11494744_3

Download citation

  • DOI: https://doi.org/10.1007/11494744_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26301-2

  • Online ISBN: 978-3-540-31559-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics