Policy Specification, Analysis and Transformation

1
Policy Specification, Analysis and Transformation
A scenario based demo will illustrate the
research concepts in the security policy
management area. Demonstration Components
Demonstration Architecture

• Policy Transformation
• Transform high level policies into low level
  policies using rule based transformation.
  Example
• Input policy
• If user is from U.S. then provide high security
• Transformation rules
• Replace U.S. with subnet 9.2.x.x
• Replace high security with 256 bit encryption
  and DES encryption
• Output Policy
• If user is from subnet 9.2.x.x Then use 256 bit
  encryption and DES encryption

• SPARCLE Policy Workbench
• The SPARCLE project is developing a highly usable
  policy workbench that enables organizations to
• Create policies in natural language
• Connect policy definition to system entities
• Check policy compliance
• Provides natural language analysis of textual
  policies, displays results for expert review, and
  generates the machine-readable XML version of the
  policies, with 94 parsing precision.
• Displays parsing and analysis results for expert
  review.
• Transforms the policy sets into machine-readable
  XML version of the policies.

• Policy Deployment
• In our scenario we are working with Self-Managed
  Cells (SMC) resources
• SMCs are agents built using the Ponder2 policy
  framework developed at Imperial College
• SMC policy service - Ponder2 framework
• Two types of policies
• Obligation policies (event-condition-action)
  define management actions performed in response
  to events
• Authorization policies specify which actions are
  permitted on which resources and services
• Managed objects to which policies apply can be
• Internal resources
• Adapters for external services
• Policies themselves

• Policy Analysis
• Provides a formal process that allows policy
  administrators to certify the correctness of a
  policy.
• Demo highlights the use of advanced algorithms to
  systematically identify potential problems.
• Conflict Identification Check consistency
• Policies are in conflict if they can be
  simultaneously applicable and prescribe
  incompatible actions.
• Dominance Analysis Discover redundancies
• A policy is dominated by one or more other
  policies when the addition of the first policy
  does not effect the behavior of the system
  governed by the set of policies.
• Coverage Analysis Check Completeness
• A set of policies may (or may not) provide
  definition for a range of input parameters. This
  analysis method determines if there are gaps in
  the coverage.

• Project Team
• Mandis Beigi, Carolyn Brodie, Seraphin Calo,
  David George, Clare-Marie Karat, John Karat,
  Jorge Lobo, Dinesh Verma, and Xiping Wang (IBM
  Watson)
• Morris Sloman, Alberto Schaeffer-Filho (Imperial
  College)