A Theory of Gray Security Policies [chapter]

Donald Ray, Jay Ligatti
2015 Lecture Notes in Computer Science  
This paper generalizes traditional models of security policies, from specifications of whether programs are secure, to specifications of how secure programs are. This is a generalization from qualitative, black-and-white policies to quantitative, gray policies. Included are generalizations from traditional definitions of safety and liveness policies to definitions of gray-safety and gray-liveness policies. These generalizations preserve key properties of safety and liveness, including that the intersection of safety and liveness is a unique allow-all policy and that every policy can be written as the conjunction of a single safety and a single liveness policy. It is argued that the generalization provides several benefits, including that it serves as a unifying framework for disparate approaches to security metrics, and that it separates, in a practically useful way, specifications of how secure systems are from specifications of how secure users require their systems to be.
doi:10.1007/978-3-319-24177-7_24 fatcat:4wb4qtx4gnbozizwqneujjvfje