EEMCS EPrints Service


Security Policy Alignment: A Formal Approach

Pieters, W. and Dimkov, T. and Pavlovic, D. (2013) Security Policy Alignment: A Formal Approach. IEEE Systems Journal, 7 (2). pp. 275-287. ISSN 1932-8184 *** ISI Impact 2,114 ***

Full text available as: PDF (1763 Kb, Univ. of Twente only)

Official URL: http://dx.doi.org/10.1109/JSYST.2012.2221933


Abstract

Security policy alignment concerns the matching of security policies specified at different levels in socio-technical systems, and delegated to different agents, technical and human. For example, the policy that sales data should not leave an organization is refined into policies on door locks, firewalls and employee behavior, and this refinement should be correct with respect to the original policy. Although alignment of security policies in socio-technical systems has been discussed in the literature, especially in relation to business goals, there has been no formal treatment of this topic so far in terms of consistency and completeness of policies. Wherever formal approaches are used in policy alignment, these are applied to well-defined technical access control scenarios instead. Therefore, we aim at formalizing security policy alignment for complex socio-technical systems in this paper, and our formalization is based on predicates over sequences of actions. We discuss how this formalization provides the foundations for existing and future methods for finding security weaknesses induced by misalignment of policies in socio-technical systems.

Item Type: Article
Research Group: EWI-DIES: Distributed and Embedded Security
Research Program: CTIT-ISTRICE: Integrated Security and Privacy in a Networked World, UT-CST: Crime Science Twente
Research Project: VISPER: The VIrtual Security PERimeter for digital, physical, and organisational security
Uncontrolled Keywords: Attack trees, Security logics, Security policies, Security policy alignment, Security policy refinement, Socio-technical systems, System models
ID Code: 23000
Status: Published
Deposited On: 13 February 2013
Refereed: Yes
International: Yes
ISI Impact Factor: 2,114
