ABSTRACT
This new paradigm defines security policies on cause-effect relations and models security mechanisms in analogy with pattern recognition classifiers. It augments the arsenal of formal computer security evaluation tools with new techniques. A causality model represents possible causes and effects; the causes include threats and the effects may be undesired. Target security policies derived from functional specifications select permitted causalities. Security mechanisms extract features from causes and effects and enforce mechanism-specific policies, approximating the target policy. Advantages of the classifier paradigm are the ability to generalize from incomplete information and examples, to measure classification error and mechanism performance, and to analyze mechanism ensembles and compositions. The classifier paradigm also offers a conception of problem complexity and suggests paying more attention to the impact of mechanisms rather than to their inner workings.
- Ross Anderson. Why cryptosystems fail. In CCS '93: Proceedings of the 1st ACM conference on Computer and communications security, pages 215--227, New York, NY, USA, 1993. ACM. Google ScholarDigital Library
- Ross J. Anderson. Security Engineering: A guide to building dependable distributed systems. Wiley, 2008. Google ScholarDigital Library
- Mitra Basu and Tin Kam Ho, editors. Data complexity in pattern recognition. Springer-Verlag New York Inc, 2006. Google ScholarDigital Library
- David Elliot Bell. Looking back at the Bell-La Padula model. In Proceedings of the 21st Annual Computer Security Applications Conference, pages 337--351. IEEE Computer Society Washington, DC, USA, 2005. Google ScholarDigital Library
- Common criteria for information technology security evaluation v3.1. available online, http://www.commoncriteriaportal.org/, 2006.Google Scholar
- Menahem Friedman and Abraham Kandel. Introduction to pattern recognition: statistical, structural, neural and fuzzy logic approaches. World scientific, 1999.Google Scholar
- Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in operating systems. Commun. ACM, 19(8):461--471, 1976. Google ScholarDigital Library
- Mikko Hypponen. 21 Solutions to Save the World: Masters of Their Domain. Foreign Policy, May/June, 2007.Google Scholar
- A. K. Jain, R. P. W. Duin, and Jianchang Mao. Statistical pattern recognition: a review. Pattern Analysis and Machine Intelligence, IEEE Transactions on, 22(1):4--37, Jan 2000. Google ScholarDigital Library
- J. Kittler, M. Hatef, R. P. W. Duin, and J. Matas. On combining classifiers. Pattern Analysis and Machine Intelligence, IEEE Transactions on, 20(3):226--239, Mar 1998. Google ScholarDigital Library
- J. Kittler, M. Hatef, and Duin R. P. W. Combining classifiers: A theoretical framework. Pattern Analysis & Applications, 1(1):18--27, 1998.Google ScholarDigital Library
- Nikunj C. Oza and Kagan Tumer. Classifier ensembles: Select real-world applications. Information Fusion, 9(1):4--20, 2008. Special Issue on Applications of Ensemble Methods. Google ScholarDigital Library
- U. Priss. Formal concept analysis in information science. Annual review of information science and technology, 40(1), 2006. Google ScholarDigital Library
- Jerome H. Saltzer and Michael D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278--1308, 1975.Google ScholarCross Ref
- Frank Swiderski and Window Snyder. Threat Modeling. Microsoft Press, 2004. Google ScholarDigital Library
- D. Whitley and J.P. Watson. Complexity theory and the no free lunch theorem. Search Methodologies: Introductory Tutorials in Optimization and Decision Support Techniques, page 317, 2005.Google Scholar
- D. H. Wolpert and W. G. Macready. No free lunch theorems for search. Technical report, Technical Report SFI-TR-95-02-010, Santa Fe Institute, 1995.Google Scholar
- Xerox workcentre/workcentre pro 232/238/245/255/265/275 multifunction systems security target. available online, http://www.commoncriteriaportal.org/files/epfiles/ST_VID10135-ST.pdf, 2005.Google Scholar
- Xerox workcentre/workcentre pro 232/238/245/255/265/275 multifunction systems validation report. available online, http://www.commoncriteriaportal.org/files/epfiles/ST_VID10135-VR.pdf, 2006.Google Scholar
Index Terms
- What is the shape of your security policy?: security as a classification problem
Recommendations
Security policy compliance with violation management
FMSE '07: Proceedings of the 2007 ACM workshop on Formal methods in security engineeringA security policy of an information system is a set of security requirements that correspond to permissions, prohibitions and obligations to execute some actions when some contextual conditions are satisfied. Traditional approaches consider that the ...
Inconsistency Detection System for Security Policy and Firewall Policy
ICNC '10: Proceedings of the 2010 First International Conference on Networking and ComputingPacket filtering in firewall either accepts or denies network packets based upon a set of pre-defined filters called firewall policy. Firewall policy is designed under the instruction of security policy. A network security policy is a generic document ...
Research and Realization of Security Policy in IPSec Based on ID3 Algorithm
MINES '09: Proceedings of the 2009 International Conference on Multimedia Information Networking and Security - Volume 02IPSec is a policy-driven security mechanism. How to react on the diversity of network security and quickly generate corresponding security policy is one of the core issues of IPSec. This article introduces the traditional IPSec security policy and ...
Comments