Security policy specification

Jorge Bernal Bernabé, Juan M. Marín Pérez, Jose M. Alcaraz Calero, Jesús D. Jiménez Re, Félix J.G. Clemente, Gregorio Martínez Pérez, Antonio F.G. Skarmeta

Research output: Chapter in Book/Report/Conference proceedingChapter

4 Citations (Scopus)


Policy-based management of information systems enables the specification of high-level policies which need to be refined into lower level configurations suitable to be directly applied to services and final devices in order to achieve the high-level behavior previous specified. This chapter presents a proposal for describing high-level security policies and for carrying out the policy refinement process for which low level policies and configurations are achieved. Firstly, an analysis of different research works related to the specification of security policy is provided. Then, a detailed description of the information model used for describing the information systems and the policies is described. After that, the language designed for specifying high level security policies is explained as well as the low level language based on the Common Information Model. Finally, some aspect about the policy refinement process done in the policy-based system in order to achieve low-level policies from the high-level security policies is outlined together with a description of the tools which can assist in the definition of the security policies and in the process refinement process.
Original languageEnglish
Title of host publicationNetwork and Traffic Engineering in Emerging Distributed Computing Applications
PublisherIdea Group Inc
Number of pages28
ISBN (Electronic)9781466618893
ISBN (Print)9781466618886, 1466618884
Publication statusPublished - 2013
Externally publishedYes


Dive into the research topics of 'Security policy specification'. Together they form a unique fingerprint.

Cite this