Skip to main content
SpringerLink
Log in

A Knowledge-Based Repository Model for Security Policies Management

  • Conference paper
Computer Network Security (MMM-ACNS 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2776))

  • 767 Accesses

Abstract

Most organizations currently build customized security policies by extending the principles and guidelines suggested by generic security policies. This method cannot guarantee that the resulting policies are compatible, neither it can ensure that the resulting protection levels are equivalent. We introduce a Security Policies Repository (SPR), which consists of a knowledge base, storing multiple security policies in a structured way. The SPR facilitates the juxtaposition of security policies, in order to detect, analyze, and resolve conflicts, and to compare and negotiate the protection level of each of the co- operating information systems. Reconciliation of security policies is achieved by means of developing mutually accepted meta-policies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kokolakis, S., Gritzalis, D., Katsikas, S.: Generic security policies for healthcare information systems. Health Informatics Journal 4(3), 184–195 (1998)

    Article  Google Scholar 

  2. Kokolakis, S., Kiountouzis, E.A.: Achieving interoperability in a multiple-security-policies environment. Computers & Security 19(3), 267–281 (2000)

    Article  Google Scholar 

  3. Brewer, D., Nash, M.: The Chinese Wall Security Policy. In: Proc. of the 1989 IEEE Symposium on Security and Privacy, pp. 206–214. IEEE Press, Los Alamitos (1989)

    Chapter  Google Scholar 

  4. Lupu, E., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE Transactions of Software Engineering 25(6) (1999)

    Google Scholar 

  5. Jarke, M., Gallersdorfer, R., Jeusfeld, M., Staudt, M., Eherer, S.: Concept Base: A deductive object base for metadata management. Journal of Intelligent Information Systems 4(2), 167–192 (1995)

    Article  Google Scholar 

  6. Mylopoulos, J., Borgida, A., Jarke, M., Koubarakis, M.: Telos: Representing knowledge about information systems. ACM Transactions on Information Systems 8(4), 325–362 (1990)

    Article  Google Scholar 

  7. Jeusfeld, M., Jarke, M., Nissen, H., Staudt, M.: ConceptBase: Managing conceptual models about information systems. In: Berns, et al. (eds.) Handbook of Architectures of Information Systems. Springer, Heidelberg (1998)

    Google Scholar 

  8. Gangopadhyay, D., Barsalou, T.: On the semantic equivalence of heterogeneous populations in multimodel, multidatabase systems. SIGMOD Record 20(4) (1991)

    Google Scholar 

  9. Spanoudakis, G., Constantopoulos, P.: Integrating specifications: A similarity reasoning approach. Automated Software Engineering Journal 2(4), 311–342 (1995)

    Article  Google Scholar 

  10. Sheth, A., Larson, J.: Federated database systems for managing distributed, heterogeneous and autonomous databases. ACM Computing Surveys 22(3) (1990)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Information and Communication Systems Engineering, University of the Aegean, Samos, GR-11472, Greece

    Spyros Kokolakis & Costas Lambrinoudakis

  2. Dept. of Informatics, Athens University of Economics & Business, 76 Patission St., Athens, GR-10434, Greece

    Dimitris Gritzalis

Authors
  1. Spyros Kokolakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Costas Lambrinoudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dimitris Gritzalis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Intitute for Informaticsand Automation, 39, 14-th Liniya, 199178, St. Petersburg, Russia

    Vladimir Gorodetsky

  2. AFRL/IF, 525 Brooks Rd., 13441-4505, Rome, NY, USA

    Leonard Popyack

  3. US Air Force, Binghamton University (SUNYI), 13902, Binghamton, NY, USA

    Victor Skormin

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kokolakis, S., Lambrinoudakis, C., Gritzalis, D. (2003). A Knowledge-Based Repository Model for Security Policies Management. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-45215-7_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40797-3

  • Online ISBN: 978-3-540-45215-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation