Merging security policies: analysis of a practical example

It often happens that organizations or companies have to respect several security policies simultaneously. The authors analyze a practical example which applies to the context of documents containing sensitive information. This example considers the problem of downgrading the classification of these...

Full description

Saved in:
Bibliographic Details
Main Authors: Cuppens, F., Cholvy, L., Saurel, C., Carrere, J.
Format: Conference Proceeding
Language:English
Subjects:
Ethics
Information security
Interference
Merging
Multilevel systems
Permission
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:It often happens that organizations or companies have to respect several security policies simultaneously. The authors analyze a practical example which applies to the context of documents containing sensitive information. This example considers the problem of downgrading the classification of these documents when their contents become obsolete. There are several security policies that deal with this problem and it appears that these security policies are conflicting. They suggest a general approach to detect and solve the conflicts between the security policies and show how it applies to the practical example.
ISSN:1063-6900
2377-5459
DOI:10.1109/CSFW.1998.683163