Domain separation. Domains can be separated by splitting the activities for which
a conflict exists into two or more activities that belong to different domains.
Prioritizing and regulating policies. The enforcement of policies could be regulated
through predefined priority sets or specialized rules. These sets or rules may
be recorded in meta-policies (i.e. policies about policies), which are also stored in
the SPR.
5.4 Step IV: Antagonism Reconciliation
Antagonism refers to conflicts arising when security policies compete over the control
of objects and agents. This is similar to domain overlapping, but whilst domain
overlapping refers to conflicting rules for the same activities performed by the same
agents on the same objects, antagonism refers to conflicts that concern the same
objects or agents for different activities. Another case of antagonism is when different
policies allow the same subject to assume several conflicting roles.
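The distinction drawn above can be made concrete. The following is an added example, not code from the SPR or its authors: it flags domain overlaps (same agent, activity and object, opposite effects) and the role case of antagonism across two policies. The rule tuples, role grants, policy names and the set of mutually exclusive roles are all constructed assumptions.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample rules: (policy, agent, activity, object, effect).
RULES = [
    ("PolicyA", "nurse", "read", "patient_record", "permit"),
    ("PolicyB", "nurse", "read", "patient_record", "deny"),
    # Same object, different agents and activities: not a domain overlap.
    ("PolicyA", "nurse", "update", "lab_result", "permit"),
    ("PolicyB", "physician", "read", "lab_result", "permit"),
]
# Constructed role grants: (policy, subject, role).
ROLE_GRANTS = [
    ("PolicyA", "alice", "prescriber"),
    ("PolicyB", "alice", "dispenser"),
    ("PolicyB", "bob", "dispenser"),
]
# Assumed meta-policy input: pairs of roles declared mutually exclusive.
CONFLICTING_ROLES = {frozenset({"prescriber", "dispenser"})}

def domain_overlaps(rules):
    """Same agent, activity and object; opposite effects from different policies."""
    by_triple = defaultdict(list)
    for policy, agent, activity, obj, effect in rules:
        by_triple[(agent, activity, obj)].append((policy, effect))
    found = []
    for triple, entries in sorted(by_triple.items()):
        for (p1, e1), (p2, e2) in combinations(entries, 2):
            if p1 != p2 and e1 != e2:
                found.append((triple, tuple(sorted((p1, p2)))))
    return found

def role_antagonisms(grants, conflicting):
    """Subjects that different policies allow to assume conflicting roles."""
    by_subject = defaultdict(list)
    for policy, subject, role in grants:
        by_subject[subject].append((policy, role))
    found = []
    for subject, entries in sorted(by_subject.items()):
        for (p1, r1), (p2, r2) in combinations(entries, 2):
            if p1 != p2 and frozenset({r1, r2}) in conflicting:
                roles, pols = tuple(sorted((r1, r2))), tuple(sorted((p1, p2)))
                found.append((subject, roles, pols))
    return found

if __name__ == "__main__":
    print(domain_overlaps(RULES))
    print(role_antagonisms(ROLE_GRANTS, CONFLICTING_ROLES))
```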
6 Policy Assessment
Another contribution of the SPR is its potential use for the assessment of security
policies. The structured way in which policies are expressed within the SPR facilitates
the process of assessing the completeness and effectiveness of security policies. The
assessment process should consider issues such as:
1. Are the declared objectives compatible with the existing legislation, codes of
conduct and, if there are such, generic security policies?
2. Are the existing rules and guidelines sufficient for the achievement of the declared
objectives?
3. Are all the necessary categories of guidelines covered by specific guidelines?
4. In case IS claims to follow a generic security policy, are there rules and guidelines
for achieving the required specialization of the generic security policy in an
effective way?
5. Does the domain model describe adequately the actual domain of application?
6. Are all domain elements sufficiently controlled by the policy?
7. Is the policy implemented correctly?
Policy assessment can be performed by any of the parties registered with the SPR.
However, it is suggested that preferred policies are identified and assured by
authorized third parties only. Policy assessment does foster trust between HCE, as well as
between patients and HCE. This is a prerequisite for HIS co-operation as well as for
the effective operation of any HIS alone.
7 Conclusions
We have presented the Security Policies Repository (SPR), a system facilitating the
modeling, storage, and management of multiple security policies. The SPR supports
the juxtaposition of security policies, in order to detect, analyze, and resolve conflicts,