English
Related papers

Related papers: Directed Security Policies: A Stateful Network Imp…

200 papers

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

A security policy states the acceptable actions of an information system, as the actions bear on security. There is a pressing need for organizations to declare their security policies, even informal statements would be better than the…

Cryptography and Security · Computer Science 2007-05-23 James A. Hoagland , Raju Pandey , Karl N. Levitt

Network protocols are programs with inputs and outputs that follow predefined communication patterns to synchronize and exchange information. There are many protocols and each serves a different purpose, e.g., routing, transport, secure…

Cryptography and Security · Computer Science 2025-11-04 Max von Hippel

As networks expand in size and complexity, they pose greater administrative and management challenges. Software Defined Networks (SDN) offer a promising approach to meeting some of these challenges. In this paper, we propose a policy driven…

Cryptography and Security · Computer Science 2018-06-07 Vijay Varadharajan , Kallol Karmakar , Uday Tupakula , Michael Hitchens

We present the notion of stateful priorities for imposing precise restrictions on system actions, in order to meet safety constraints. By using stateful priorities we are able to exclusively restrict erroneous system behavior as specified…

Logic in Computer Science · Computer Science 2020-02-21 Christian Herrera

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

In the area of networks, a common method to enforce a security policy expressed in a high-level language is based on an ad-hoc and manual rewriting process. We argue that it is possible to build a formal link between concrete and abstract…

Cryptography and Security · Computer Science 2010-04-12 Nicolas Stouls , Marie-Laure Potet

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that…

Cryptography and Security · Computer Science 2026-01-27 Yi Lyu , Shichun Yu , Joe Catudal

A common requirement in policy specification languages is the ability to map policies to the underlying network devices. Doing so, in a provably correct way, is important in a security policy context, so administrators can be confident of…

Cryptography and Security · Computer Science 2016-05-31 Dinesha Ranathunga , Matthew Roughan , Phil Kernick , Nick Falkner

We develop a theory for state-based noninterference in a setting where different security policies---we call them local policies---apply in different parts of a given system. Our theory comprises appropriate security definitions,…

Cryptography and Security · Computer Science 2013-06-17 Sebastian Eggert , Henning Schnoor , Thomas Wilke

Consensus protocols can be an effective tool for synchronizing small amounts of data over small regions. We describe the concept and implementation of entangled links, applied to data transmission, using the framework of Promise Theory as a…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-06-18 Paul Borrill , Mark Burgess , Alan Karp , Atsushi Kasuya

For the formal verification of a network security policy, it is crucial to express the verification goals. These formal goals, called security invariants, should be easy to express for the end user. Focusing on access control and…

Cryptography and Security · Computer Science 2016-04-04 Cornelius Diekmann , Stephan-A. Posselt , Heiko Niedermayer , Holger Kinkelin , Oliver Hanka , Georg Carle

We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally…

Cryptography and Security · Computer Science 2009-05-12 Stere Preda , Nora Cuppens-Boulahia , Frederic Cuppens , Joaquin Garcia-Alfaro , Laurent Toutain

In this paper, we mainly investigate an integrated system operating under a software defined network (SDN) protocol. SDN is a new networking paradigm in which network intelligence is centrally administered and data is communicated via…

Optimization and Control · Mathematics 2018-12-04 Cheng Tan , Wing Shing Wong , Huanshui Zhang

The connectivity of the Internet at the Autonomous System level is influenced by the network operator policies implemented. These in turn impose a direction to the announcement of address advertisements and, consequently, to the paths that…

Networking and Internet Architecture · Computer Science 2010-05-07 Pedro David Arjona-Villicaña , Costas C. Constantinou , Alexander S. Stepanenko

We summarize the main results proved in recent work on the parameterized verification of safety properties for ad hoc network protocols. We consider a model in which the communication topology of a network is represented as a graph. Nodes…

Logic in Computer Science · Computer Science 2011-08-10 Giorgio Delzanno , Arnaud Sangnier , Gianluigi Zavattaro

Distributed implementations of access control abound in distributed storage protocols. While such implementations are often accompanied by informal justifications of their correctness, our formal analysis reveals that their correctness can…

Cryptography and Security · Computer Science 2008-06-02 Avik Chaudhuri

We introduce a class of distributed control policies for networks of discrete-time linear systems with polytopic additive disturbances. The objective is to restrict the network-level state and controls to user-specified polyhedral sets for…

Systems and Control · Computer Science 2017-09-29 Sadra Sadraddini , Calin Belta
‹ Prev 1 2 3 10 Next ›