Firewall Wizards mailing list archives
Re: Security policy language
From: Jean-Denis Gorin <jdgorin () computer org>
Date: Mon, 05 Feb 2007 15:28:02 +0100
De : Marco Cremonini With a framework that maps policies at different logical levels, a partial automatic definition/verification of the security configuration with respect to the enterprise security policy (perhaps ...) could be done. We avoid fully automated solutions that have already proved to be a wrong path but still we could drive security configurations.
Maybe you could acheive that goal using different formal specification langages and rules of implementation from one level to the other.
Ok, I know that this is probably (or certainly) completely unrealistic because for real-world policies the complexity is still overwhelming, but, at least in theory, why not thinking to a layered security policy with every layer expressed with a language that people logically in charge of that layer can understand?
The software engineering academics have launch a "Verified Software Grand Challenge" (http://qpq.csl.sri.com) to prove that formal theory and tools are usable for software engineering (even big project). Maybe you could find some support there... Good luck! Jean-Denis. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Security policy language Marco Cremonini (Feb 01)
- Re: Security policy language Steffen Kluge (Feb 08)
- <Possible follow-ups>
- Re: Security policy language Jean-Denis Gorin (Feb 05)