Next message: AC: "fw-1 general & VPN questions"
At 11:22 -0400 16/4/98, Bill_Roydsat_private wrote:
>One problem that a needs to be addressed is a "Security Policy Language"
>which would be a formal notation for writing security policies that would
>be both
>explainable to managers and executives and verifiable in a formal sense.
>There has been work done on this in programming language verification
>(Euclid and stuff from late 70's) but it ended up being too "mathematical"
>for real world use. The tradeoff between ease of use and completnenss has
>always been one of the deisgn problems in all computer software. It is a
>hard problem as any firewall make can tell you. If you make a nice
>friendly GUI to sell the product, it becomes an obstacle to actually using
>the product in daily business.
See also a paper "Specifying a Security Policy: A Case Study" by
FreŽdeŽric Cuppens and Claire Saurel, ONERA-CERT, France (sorry forget
URL but it should be somewhere on theirs site)
This is taken from Abstract:
The objective of this paper is to assist the security admin-istrators,
in their attempt to specify, define and formalize
security policies suited to a given high risk environment.
It is then possible for the administrators to automatically
derive consequencies of these policies. In particular, we
want to provide users with the following functionalities:
� Query a given security policy.
� Verify that properties such as consistency and com-pleteness
are enforced by a given policy.
� Verify that a given situation does not violate the security
policy.
� Investigate interoperability problems between several
security policies.
Cheers,
Gaus
---------------------------------------------------------------
EuroCERT tel: (+44 1235) 822 382
c/o UKERNA fax: (+44 1235) 822 398
Atlas Centre
Chilton, Didcot
Oxfordshire OX11 0QS, UK
This archive was generated by hypermail 2b30
: Fri Apr 13 2001 - 12:55:34 PDT