Firewall Wizards mailing list archives

Re: Intrusion Detection and Security Policy


From: Damir Rajnovic <Damir.Rajnovic () eurocert net>
Date: Mon, 20 Apr 1998 11:48:58 +0100

At 11:22 -0400 16/4/98, Bill_Royds () pch gc ca wrote:
One problem that needs to be addressed is a "Security Policy Language"
which would be a formal notation for writing security policies that would
be both explainable to managers and executives and verifiable in a formal
sense. There has been work done on this in programming language verification
(Euclid and stuff from late 70's) but it ended up being too "mathematical"
for real world use. The tradeoff between ease of use and completeness has
always been one of the design problems in all computer software. It is a
hard problem as any firewall maker can tell you. If you make a nice
friendly GUI to sell the product, it becomes an obstacle to actually using
the product in daily business.

See also a paper "Specifying a Security Policy: A Case Study" by
Frédéric Cuppens and Claire Saurel, ONERA-CERT, France (sorry, I forget
the URL, but it should be somewhere on their site).

This is taken from the abstract:

The objective of this paper is to assist the security administrators,
in their attempt to specify, define and formalize
security policies suited to a given high risk environment.
It is then possible for the administrators to automatically
derive consequences of these policies. In particular, we
want to provide users with the following functionalities:
 - Query a given security policy.
 - Verify that properties such as consistency and completeness
   are enforced by a given policy.
 - Verify that a given situation does not violate the security
   policy.
 - Investigate interoperability problems between several
   security policies.


Cheers,

Gaus

---------------------------------------------------------------
EuroCERT                                tel: (+44 1235) 822 382
c/o UKERNA                              fax: (+44 1235) 822 398
Atlas Centre
Chilton, Didcot
Oxfordshire OX11 0QS, UK
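
The four functionalities listed in the quoted abstract, sketched as an added Python example that is not part of the original message or of the Cuppens and Saurel paper. It assumes a toy permit/forbid rule format, takes "consistent" to mean that no situation is both permitted and forbidden and "complete" to mean that every situation is decided; those definitions and all role, action and object names are constructed for illustration.

```python
from itertools import product

# Constructed toy universe and rules (assumptions, not taken from the paper).
ROLES = ("admin", "operator", "guest")
ACTIONS = ("read", "write")
OBJECTS = ("fw_config", "audit_log")

# Rule = (modality, role, action, object); "*" matches any value.
POLICY = [
    ("permit", "admin", "*", "fw_config"),
    ("permit", "*", "read", "audit_log"),
    ("forbid", "guest", "*", "*"),
    ("forbid", "*", "write", "audit_log"),
]
PARTNER = [("permit", "operator", "write", "audit_log")]  # second constructed policy

def universe():
    """Every (role, action, object) situation the policy could be asked about."""
    return list(product(ROLES, ACTIONS, OBJECTS))

def query(policy, situation):
    """Query: the set of modalities the policy assigns to one situation."""
    return {rule[0] for rule in policy
            if all(r in ("*", s) for r, s in zip(rule[1:], situation))}

def inconsistencies(policy):
    """Consistency check: situations that are both permitted and forbidden."""
    return [s for s in universe() if query(policy, s) == {"permit", "forbid"}]

def gaps(policy):
    """Completeness check: situations on which the policy is silent."""
    return [s for s in universe() if not query(policy, s)]

def violates(policy, situation):
    """An observed situation violates the policy if any rule forbids it."""
    return "forbid" in query(policy, situation)

def interop_conflicts(a, b):
    """Interoperability: situations one policy permits and the other forbids."""
    return [s for s in universe()
            if ("permit" in query(a, s) and "forbid" in query(b, s))
            or ("forbid" in query(a, s) and "permit" in query(b, s))]

if __name__ == "__main__":
    print("inconsistent:", inconsistencies(POLICY))
    print("undecided:   ", gaps(POLICY))
    print("violation:   ", violates(POLICY, ("operator", "write", "audit_log")))
    print("interop:     ", interop_conflicts(POLICY, PARTNER))
```

Exhaustive enumeration only works because the constructed universe has 12 situations; a policy over real subjects and objects needs the symbolic reasoning that a formal policy language is meant to support.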



