Policy Specification Language Design

Rosenthal, David; Stillerman, Matt; Thomas, Roshan

Policy Specification Language Design

Active / Technical Report | Accession Number: ADA360505 |

Open PDF

Abstract:

The purpose of this investigation was to aid developers of groupware applications, such as applications using Lotus Notes, in choosing appropriate security controls. Products such as Lotus Notes have security controls e.g., access control lists, encrypted sections, and digital signatures for building applications that meet complex security policies. It may be difficult for the application developer to select the right combination of controls to meet the desired security policy. This report describes a security policy language that can express general policy constraints on users and data, as well as constraints that directly map to Lotus Notes security controls. It can capture both the type of protection desired as well as some aspects of the assurance level.

Author(s):

Rosenthal, David ; Stillerman, Matt ; Thomas, Roshan

Author Organization(s):

ODYSSEY RESEARCH ASSOCIATES INC ITHACANY

Descriptive Note:

Final technical rept. Jun 96-Oct 97

Supplementary Note:

DOI: 10.21236/ADA360505

Pagination:

0066

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

ORA-TM-97-0029, AFRL-IF-RS-TR-1998-235

Contract/Grant Number(s):

F30602-96-C-0213

Task Number(s):

01

Project Number(s):

1069

Monitor Series:

TR-1998-235, AFRL/RS

Subject Terms

Joint Capability Areas:

JCA_8_Building Partnerships; JCA_8.2_Shape; JCA_8.1_Communicate; JCA_8.1.3_Influence Adversary and Competitor Audiences; JCA_8.2.2_Provide Aid to Foreign Partners and Institutions; JCA_8.2.1_Partner with Governments and Institutions; JCA_5_Command and Control; JCA_1.2.6_Concepts; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.2_Understand; JCA_6_Net Centric; JCA_5.3_Planning; JCA_6.4.1_Secure Information Exchange; JCA_1_Force Support; JCA_5.5.2_Task; JCA_5.5_Direct; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_1.2_Force Preparation; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent

Modernization Areas:

Fully Networked C3

Communities of Interest:

Space

Descriptor(s):

*SOFTWARE ENGINEERING, *DATA PROCESSING SECURITY, DATA BASES, DATA MANAGEMENT, QUALITY ASSURANCE, SYNTAX, FIELDS(COMPUTER PROGRAMS), CLIENT SERVER SYSTEMS

Field(s)/Group(s):

Computer Systems Management and Standards, Computer Programming and Software

Keyword(s):

COMPUTER SECURITY, ACCESS CONTROL, GROUPWARE PRODUCTS, ENCRYPTION, PE33401F, WUAFRL10690104

Report Date:

1998 Jan 01

Creation Date:

1999 Mar 17