Advertisement

Rule-Based Systems Security Model

  • Michael Smirnov
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2776)

Abstract

Rule-based systems in networking control access for various resources and usually are statically configured. Dynamic service creation and preparedness for the unexpected require possibility to update rules at run-time without loss of performance. This is possible with our event oriented programmable model, where rule designer does not need to care about obsolete rules; conflicts between new rules and installed rules are resolved automatically. Synchronisation between rule designer and current state of installed rules is based on self-organisation property of FGK algorithm that can be used without any modificatioins.

Keywords

Rule Base Conflict Resolution Security Policy Frequency Count Rule Designer 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Arens, Y., Rosenbloom, P. (eds.): Responding to the unexpected. Report of the Workshop, New York, N,Y., Feb. 27 – Mar. 1 (2002), URL, http://crue.isi.edu/research/report.html
  2. 2.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M., Ponder: A Language for Specifying Security and Management Policies for Distributed Systems, The Language Specification Version 2.3, Imperial College Research Report DoC 2000/1, October– 20 (2000), URL, http://www-dse.doc.ic.ac.uk/policies
  3. 3.
    Ferraiolo, D.F., Sandhu, R., Serban, G., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and Systems Security 4(3) (August 2001), http://www.list.gmu.edu/journal_papers1.htm
  4. 4.
    Lupu, E., Sloman, M.: Conflicts in Policy-based Distributed Systems Management. IEEE Transactions on Software Engineering 25(6), 852–869 (1999); special Issue on Inconsistency Management, URL: http://www-dse.doc.ic.ac.uk/~mss/emil/tse.pdf Google Scholar
  5. 5.
    The CIM Tutorial, Distributed Management Task Force, Inc. (2003), URL, http://www.dmtf.org/education/cimtutorial/index.php
  6. 6.
    Smirnov, M.: Security Considerations and Models for Service Creation in Premium IP Networks. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds.) MMM-ACNS 2001. LNCS, vol. 2052, pp. 51–63. Springer, Heidelberg (2001)Google Scholar
  7. 7.
    Lelewer, D., Hirschberg, D.: Data Compression, http://www1.ics.uci.edu/~dan/pubs/DataCompression.html

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Michael Smirnov
    • 1
  1. 1.Fraunhofer FOKUSBerlinGermany

Personalised recommendations