Semantic Context Aware Security Policy Deployment

摘要

The successful deployment of a security policy is closely related not only to the complexity of the security requirements but also to the capabilities/functionalities of the security devices. The complexity of the security requirements is additionally increased when contextual constraints are taken into account. Such situations appear when addressing the dynamism of some security requirements or when searching a finer granularity for the security rules. The context denotes those specific conditions in which the security requirements are to be met. (Re)deploying a contextual security policy depends on the security device functionalities: either (1) the devices include all functionalities necessary to deal with a context and the policy is consequently deployed for ensuring its automatic changes or (2) the devices do not have the right functionalities to entirely interpret a contextual requirement. We present a solution to cope with this issue: the (re)deployment of access control policies in a system that lacks the necessary functionalities to deal with contexts.