Overview
Policies define how a secure system should behave and which service it provides to its users, even if some users misbehave or an adversary attacks the system. Calling a system "secure" is only meaningful together with a corresponding policy that defines the desired notion of security. This project addresses security policies in the following contexts.
- Separation of duties
  Many enterprises implement the principle of separation of duties for critical actions in order to prevent fraud and errors. This project has developed a system to analyze the separation of duties in role assignments, authorization policies, and log files for enterprises.
- Managing assurance, security and trust for enterprises (MASTER)
  The MASTER project explores tools, methodologies, and technologies for building highly dynamic, potentially outsourced, regulated, and verifiably compliant IT systems.
- Privacy policies
  Today, enterprises face the challenge of finding a balance between serving their customers over the Internet and accommodating rising privacy demands from those same customers. To support this goal, this project addresses privacy policies and develops a twofold policy language that combines access control and data handling.