Multidimensional Security Policies

Bojan Suzic

Publication: Book/Report/Conference proceeding › Commissioned report › Research

Abstract

The definition, evaluation and execution of security policies are typically oriented toward a particular organization and its internal infrastructure. In such a scenario, the conceptualization of security policies follows organizational processes and is aligned with them in terms of capabilities, applied data structures or communication interfaces. The transition to cloud and mobile technologies, which increasingly depend on inter-organizational connectivity and collaboration of heterogeneous environments, introduces challenges to this approach. In order to be applicable in cross-platform and cross-system scenarios, security policies need to conform to the requirements of interoperability, which especially involves their structure, representation and abstraction level of conceptualization.
Hence, the policies need to be understood and applicable beyond central premises and processes, exhibiting a form that supports collaboration in distributed and heterogeneous environments.
The same applies to the entities and processes dealt with by these policies, as they need to be understood out of context as well. The arrangement of these policies additionally needs to demonstrate advanced expressivity and the capability to support different dimensions of security requirements. These dimensions, depending on a particular scenario, might include contextual requirements, limitations, data security and legal aspects, as well as the capability to handle security level agreements and contract-based transactions.
The goal of this project is twofold. First, it aims to provide a brief analysis of integration processes and the application of security policies in cross-domain environments, reviewing the issues and establishing the requirements for interoperable and multidimensional policies. Second, this project provides initial groundwork in the form of a framework that can be used to analyze, define, test and integrate security policies in multiple environments. This technical report hence presents both of these results, elaborating on additional aspects and features that enable their application below the definition and exchange of security policies.
Original language: English
Publisher: Zentrum für sichere Informationstechnologie - Austria
Number of pages: 26
Publication status: Published - 2016

Keywords

  • security policy
  • security policies
  • security enforcement
  • data privacy
  • oauth
  • xacml
  • distributed systems
  • cross-domain

Cite this

Suzic, B. (2016). Multidimensional Security Policies. Zentrum für sichere Informationstechnologie - Austria.
