Abstract
This paper presents a comparative study of policy specification lan- guages. Our objective is to find policy language or notation that is the most suit- able to express the security aspects of distributed applications running on pol- icy-based networks. We first made a selection of languages and we compare them on several criteria: their suitability to specify security, their ability to ex- ress both user and network oriented security aspects, the representation tech- nique they use and the notions they are able to express. This paper concludes on a discussion on what would be the ideal policy language for distributed applica- tions that have strong security constraints.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bearden M. et al.: Integrated Goal Specification in Policy-Based Management. In: Proc. of Policy Workshop, Lecture Notes in Computer Science, Vol. 1995. Springer-Verlag (2001)
Bhatia R. et al.: Policy Evaluation for Network Management. In: Proc of INFOCOM 2000, Tel-Aviv, Israel (2000)
Casassa Mont M. et al.: POWER Prototype: Towards Integrated Policy-Based Management. In: HP Labs Technical Reports HPL-1999-126 (1999)
Condell M. et al.: Security Policy Specification Language. In: IETF Internet-draft (2000)
Corba Security Service Specification v 1.7. In: OMG ftp://ftp.omg.org/pub/docs/formal/01-03-08.pdf (2001)
Cuppens F. et al.: Specifying a Security Policy: A Case Study. In: Proc. of the computer security foundations workshop, Kenmare, Ireland, (1996)
Damianou N.: A Policy Framework for Management of Distributed Systems. In: Ph.D. Thesis. Department of Computing, Imperial College (2002)
Diaz. O.: QoS Policy Specification-A Mapping from Ponder to the IETF Policy Information Model. In: Proc. of ENC01, Aguascalientes, México (2001)
Frolund S. et al.: QML: a language for Quality of Service specification. In: HP Labs Technical Report, HPL-98-10 (1998)
Frolund S. et al.: Quality of Service Aware Distributed Object Systems. In: HP Labs Technical Report, HPL-98-142 (1998)
Frolund S. et al.: QRR (QML Runtime Representation). In: HP Labs Technical Report, HPL-98-159 (1998)
Fu Z. et al.: IPsec/VPN Security Policy: Correctness, Conflict Detection, and Resolution. In: Proc. of Policy 2001, Lecture Notes in Computer Science, Vol. 1995. Springer-Verlag (2001) 39–56
Gay V. et al., Policy-Based Quality of Service and Security Management for Multimedia Services on IP networks in the RTIPA project. In: Proc. of MMNS 2002, Lecture Notes in Computer Science, Springer-Verlag (2002)
Gomes P. et al.: Management of Application Quality of Service. In: Proc. of DSOM 94 Toulouse, France (1994)
Gu X. et al.: An XML-based Quality of Service Enabling Language for the Web. In: Research Technical Report, Department of Computer Science, University of Illinois at Urbana-Champaing, UIUCDCS-R-2001-2212 (2001)
Hitchens M. et al.: Tower: A Language for Role Based Access Control. In: Proc. of Policy 2001, Lecture Notes in Computer Science, Vol. 1995. Springer-Verlag (2001) 88–106
Hoagland J. et al.: Security Policy Specification Using a Graphical Approach. In: Technical report CSE-98-3, University of California, Davis Department of Computer Science. (1998)
Jajodia S. et al.: A Logical Language for Expressing Authorizations. In: Proc. of the Symposium on Security and Privacy 1997, IEEE Press, (1997) 31–42
Koch T. et al.: Rules and agents for automated management of distributed systems. In: IEE/BCS/IOP Distributed Systems Engineering, Special Issue on Management, Vol 2, (1996)
Koch T. and Krell C.: Policy Definition Language for Automated Management of Distributed Systems. In: IEEE Computer Society (1996)
Koistinen J. et al.: QoS negotiation algorithm for QML. In: HP Labs Technical Report, HPL-98-51R1 (1998)
Lobo J. et al.: A Policy Description Language. In: Proc. of AAAI’99, Orlando, Florida (1999)
Loyall J.P. et al.: Specifying and Measuring Quality of Service in Distributed Objects. In: Proc. of ISORC’ 98, Kyoto, Japan (1998)
Lupu E.C. and Sloman M.: Conflict analysis for management policies. In Proc. of IM97, San Diego, CA, USA (1997) 430–443
Lutfiyya H. et al.: Managing QoS Requirements. In: UWO Technical Report 547 (1999)
Meyer B. et al.: Defining Policies for Performance Management in Open Distributed Systems. In: Proc of. DSOM’94 Toulouse, France (1994)
Meyer B. et al.: Flexible management of ANSAware applications. In: Proc. of ICODP95, Brisbane, Australia (1995) 255–265
Moffett J. D. et al.: Policy Conflict Analysis in Distributed System Management. In: Journal of Organizational Computing (1993)
Moore B. et al.: Policy Core Information Model-Version 1 Specification. In: RFC 3060 (2001)
Object Management Group. Object Constraint Language Specification. In: chapter 7 in OMG Unified Modeling Language Version 1.3 (1999)
Sloman M. et al.: Policy Specification for Programmable Networks. In: Proc of IWAN’99, Lecture Notes in Computer Science, Springer-Verlag, Stefan Covaci (ed.) (1999)
Snir Y. et al.: Policy QoS Information Model. In: IETF internet draft (2001)
Stone G.N. et al.: Network Policy Languages: A Survey and a New Approach. In: IEEE Network (2001)
Virmani A. et al.: Network Management for the SARAS Softswitch. In: Proc. of NOMS2000, J. Hong, R. (ed.), Weihmayer, Hawaii (2000) 803–816
Vogel A. et al.: Distributed Multimedia and QoS-A Survey. In: IEEE Multimedia, Vol2,2 (1995) 10–19
Wang. P.Y. et al.: Experimental QoS Performances of Multimedia Applications. In: Proc. of IEEE INFOCOM 2000, Tel-Aviv, Israel (2000)
Westerinen A.: Policy Terminology. In: IETF http://www.ietf.org/internet-drafts/draft-ietf-policy-terminology-02.txt (2001)
Wies R.: Policy Definition and Classification: Aspects, Criteria, and example. In: Proc. of DSOM’94 (1994)
Wies R.: Using a Classification of Management Policies for Policy Specification and Policy Transformation. In: Proc. of ISINM’ 95, Santa Barbara, California (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Duflos, S., Diaz, G., Gay, V., Horlait, E. (2002). A Comparative Study of Policy Specification Languages for Secure Distributed Applications. In: Feridun, M., Kropf, P., Babin, G. (eds) Management Technologies for E-Commerce and E-Business Applications. DSOM 2002. Lecture Notes in Computer Science, vol 2506. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36110-3_16
Download citation
DOI: https://doi.org/10.1007/3-540-36110-3_16
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00080-8
Online ISBN: 978-3-540-36110-7
eBook Packages: Springer Book Archive