In a world made of interconnected systems that manage huge amount of confidential and shared data, security plays a significant role. Policies are the means by which security rules are defined and enforced. The ability of evaluating policies is becoming more and more relevant, especially when referred to cooperation of services belonging to un-trusted domains. In this paper we have focused our attention on Public Key Infrastructures (PKIs); at the state of the art security policies evaluation is expressed by means of security levels. However, policy evaluation must face uncertainty deriving from different perspectives, verbal judgments and lack of information. Fuzzy techniques and uncertainty reasoning can provide a meaningful way of dealing with these issues. We illustrate a fuzzy technique to evaluate the security level for a given policy against a set of reference policy levels.

Security level evaluation: Policy and fuzzy techniques / Casola, V.; Rak, M.; Preziosi, R.; Troiano, L.. - 2:(2004), pp. 752-756. (Intervento presentato al convegno International Conference on Information Technology: Coding Computing, ITCC 2004 tenutosi a Las Vegas, NV, usa nel 2004) [10.1109/ITCC.2004.1286747].

Security level evaluation: Policy and fuzzy techniques

Casola V.;Rak M.;
2004

Abstract

In a world made of interconnected systems that manage huge amount of confidential and shared data, security plays a significant role. Policies are the means by which security rules are defined and enforced. The ability of evaluating policies is becoming more and more relevant, especially when referred to cooperation of services belonging to un-trusted domains. In this paper we have focused our attention on Public Key Infrastructures (PKIs); at the state of the art security policies evaluation is expressed by means of security levels. However, policy evaluation must face uncertainty deriving from different perspectives, verbal judgments and lack of information. Fuzzy techniques and uncertainty reasoning can provide a meaningful way of dealing with these issues. We illustrate a fuzzy technique to evaluate the security level for a given policy against a set of reference policy levels.
2004
0-7695-2108-8
Security level evaluation: Policy and fuzzy techniques / Casola, V.; Rak, M.; Preziosi, R.; Troiano, L.. - 2:(2004), pp. 752-756. (Intervento presentato al convegno International Conference on Information Technology: Coding Computing, ITCC 2004 tenutosi a Las Vegas, NV, usa nel 2004) [10.1109/ITCC.2004.1286747].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11588/813717
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 6
  • ???jsp.display-item.citation.isi??? ND
social impact