Volume 8 - Issue 2
User-oriented Network Security Policy Specification
- Fulvio Valenza
Politecnico di Torino, DAUIN, corso duca degli Abruzzi 24, Turin, Italy, CNR-IEIIT, corso duca degli Abruzzi 24, Turin, Italy
fulvio.valenza@polito.it
- Antonio Lioy
Politecnico di Torino, DAUIN, corso duca degli Abruzzi 24, Turin, Italy
antonio.lioy@polito.it
Keywords: network security policy, security requirement, policy refinement
Abstract
The configuration and management of security controls and applications are complex and not well
understood by the majority of end-users (i.e. they typically require specific skills). A security policy
language simplifies this task and reduces the number of errors and anomalies. This paper proposes the
specification of two mechanisms for defining users' security policies, namely the High-level Security
Policy Language (HSPL) and the Medium-level Security Policy Language (MSPL). HSPL is suitable for
expressing the protection requirements of typical non-technical users, while MSPL is a lower-level
abstraction useful for expressing specific configurations of security controls in a generic format (as
such, it is more appealing to technical users).