Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP

HP.com home

Technical Reports


HP Labs

» Research
» News and events
» Technical reports
» About HP Labs
» Careers @ HP Labs
» Worldwide sites
» Downloads
Content starts here

Click here for full text: PDF

Model-based validation of enterprise access policies

Bhatt, Sandeep; Horne, William; Pato, Joe; Rajagopalan, S. Raj; Rao, Prasad


Keyword(s): security; access control; policy; validation

Abstract: Coordinating security seamlessly across an enterprise is a challenge. Enterprises deploy multiple access control mechanisms at different technology layers; each mechanism is painstakingly configured and maintained using specialized user interfaces, most likely by different administrators in different organizations at different sites, perhaps employing different notions of users and roles. This piecemeal approach makes security management labor-intensive and, therefore, expensive, error-prone and slow to adapt. We present a model-driven technique for automated policy-based access analysis. Based on the ideas presented in this paper, we have built a prototype, the Integrated Security Management (ISM) system which, given the security configurations of hosts, applications and network devices, automatically validates whether the enterprise is in compliance with high-level enterprise access policy. The system relies on composable models that capture the access control semantics of applications, middleware and devices, in a manner that enables efficient enterprise-scale analysis.

16 Pages

Back to Index

»Technical Reports

» 2009
» 2008
» 2007
» 2006
» 2005
» 2004
» 2003
» 2002
» 2001
» 2000
» 1990 - 1999

Heritage Technical Reports

» Compaq & DEC Technical Reports
» Tandem Technical Reports
Printable version
Privacy statement Using this site means you accept its terms Feedback to HP Labs
© 2009 Hewlett-Packard Development Company, L.P.