Expressive security policy rules using Layered Conceptual Graphs

A method must be provided to support the analysis of interdependencies between security policy rules in a (possibly distributed) environment. We propose a Conceptual Graphs-based language that allows us to represent the structure of information and to employ reasoning for consistency checking. We motivate our choice of language by the expressivity gained, the potential for depicting policy associations rigorously, and the associated reasoning capabilities. We explain our approach in the context of security requirements for medical systems. We evaluate our work theoretically, by means of an example of a real-world policy rule.
