Complex interactions between two organizations, involving sensible information and resources, requires to honor each organization's security policy. This implies to make compatible different sets of policy rules that were designed for different organizations, and, therefore, different subjects, actions, and objects, classified andorganized in different manners.
Therefore, in order to cooperate, two organizations need to agree on a higher-level interoperability policy that regulates how the security policy of each organization should be applied each time that an entity from one organization tries to access a resource of the other.
However, finding out what is the security policy that emerges from the combination of all the organization-level policies and the higher-level interoperability policy is not an easy task. In this presentation we introduce a methodology based on Finite State Transducers to analyse this situation modelling policy-rules, mapping entities, combine them, and automatically generate an interoperability set of security policies.
Javier Baliosian - "An Abstraction for the Analysis of Secure Policy Interoperability"
Fecha de inicio