User-oriented Network Security Policy Specification – Journal of Internet Services and Information Security

Volume 8 - Issue 2

User-oriented Network Security Policy Specification

Fulvio Valenza Politecnico di Torino, DAUIN, corso duca degli Abruzzi 24, Turin, Italy, CNR-IEIIT, corso duca degli Abruzzi 24, Turin, Italy
fulvio.valenza@polito.it
Antonio Lioy Politecnico di Torino, DAUIN, corso duca degli Abruzzi 24, Turin, Italy
antonio.lioy@polito.it

DOI: 10.22667/JISIS.2018.05.31.033

Keywords: network security policy, security requirement, policy refinement

Abstract

The configuration and management of security controls and applications is complex and not well understood by the majority of end-users (i.e. it typically requires specific skills). The security policy language simplifies this task and reduces the number of errors and anomalies. This paper proposes the specification of the two mechanisms for defining user’s security policies, namely High-level Security Policy Language (HSPL) and Medium-level Security Policy Language (MSPL). HSPL is suitable for expressing the protection requirements of typical non-technical users, while MSPL is a lower-level abstraction useful for expressing specific configurations of security controls in a generic format (as such it is more appealing for technical users).

Date

May 2018

Page Number

33-47