Policy Evolution with Grammatical Evolution
Security policies are becoming more sophisticated. Operational forces will often face tricky risk decisions, and policies must be flexible enough to facilitate appropriate actions. Access requests are no longer simple "subject accesses object" matters; there is often a great deal of context to be taken into account. Most security work is couched in terms of risk management, but the benefits of actions will need to be taken into account too. In some cases it may not be clear what the policy should be. People are often better at dealing with specific examples than at producing general rules. In this paper we investigate the use of Grammatical Evolution (GE) to attempt to infer Fuzzy MLS policy from decision examples. This approach couches policy inference as a search for a policy that is most consistent with the supplied example set. The results show this approach is promising.
Keywords: Genetic Program, Security Policy, Production Rule, Derivative Tree, Grammatical Evolution