TU Darmstadt / ULB / TUbiblio

What Is the Shape of Your Security Policy? Security as a Classification Problem

Türpe, Sven (2009)
What Is the Shape of Your Security Policy? Security as a Classification Problem.
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

This new paradigm defines security policies on cause-effect relations and models security mechanisms in analogy with pattern recognition classifiers. It augments the arsenal of formal computer security evaluation tools with new techniques. A causality model represents possible causes and effects; the causes include threats and the effects may be undesired. Target security policies derived from functional specifications select permitted causalities. Security mechanisms extract features from causes and effects and enforce mechanism-specific policies, approximating the target policy. Advantages of the classifier paradigm are the ability to generalize from incomplete information and examples, to measure classification error and mechanism performance, and to analyze mechanism ensembles and compositions. The classifier paradigm also offers a conception of problem complexity and suggests paying more attention to the impact of mechanisms rather than to their inner workings.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2009
Autor(en): Türpe, Sven
Art des Eintrags: Bibliographie
Titel: What Is the Shape of Your Security Policy? Security as a Classification Problem
Sprache: Englisch
Publikationsjahr: 2009
Verlag: ACM
Buchtitel: New Security Paradigms Workshop 2009
Kurzbeschreibung (Abstract):

This new paradigm defines security policies on cause-effect relations and models security mechanisms in analogy with pattern recognition classifiers. It augments the arsenal of formal computer security evaluation tools with new techniques. A causality model represents possible causes and effects; the causes include threats and the effects may be undesired. Target security policies derived from functional specifications select permitted causalities. Security mechanisms extract features from causes and effects and enforce mechanism-specific policies, approximating the target policy. Advantages of the classifier paradigm are the ability to generalize from incomplete information and examples, to measure classification error and mechanism performance, and to analyze mechanism ensembles and compositions. The classifier paradigm also offers a conception of problem complexity and suggests paying more attention to the impact of mechanisms rather than to their inner workings.
Freie Schlagworte: Secure Services;Security policy, security analysis, classifier system, high-dimensional space, secure composition, defense in depth, threat model, causality
ID-Nummer: TUD-CS-2009-0068
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
LOEWE > LOEWE-Zentren
LOEWE
Hinterlegungsdatum: 30 Dez 2016 20:23
Letzte Änderung: 17 Mai 2018 13:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen
OAI 2.0-Basis-URL: https://tubiblio.ulb.tu-darmstadt.de/cgi/oai2 TUbiblio verwendet EPrints 3.
Drucken | Impressum | Datenschutzerklärung