TY - GEN
T1 - Constraint Analysis for Security Policy Partitioning Over Tactical Service Oriented Architectures
AU - Gkioulos, Vasileios
AU - Wolthusen, Stephen
PY - 2016/12/25
Y1 - 2016/12/25
N2 - Tactical networks are typically of an ad-hoc nature operating in highly restricted environments and constrained resources. The frequent presence of communication disruptions and network partitioning must also be expected and managed, while core functionalities must be maintained, providing asynchronous invocation and access to services in a distributed manner. Supporting the required functionalities of the contemporary tactical environment, requires the dynamic evaluation of security policies, incorporating semantic knowledge from various network layers, together with facts and rules that are defined axiomatically a priori. However, the required basis for such policy decisions can be excessively extended and dynamic. Thus, it is desirable to locally minimize the scope of the policy maximizing efficiency. In this paper, we therefore analyze criteria and optimization goals for the a priori distribution and partitioning of security policies, ensuring the continuous support of the required capabilities, given the operational tasks of each deployed actor.
AB - Tactical networks are typically of an ad-hoc nature operating in highly restricted environments and constrained resources. The frequent presence of communication disruptions and network partitioning must also be expected and managed, while core functionalities must be maintained, providing asynchronous invocation and access to services in a distributed manner. Supporting the required functionalities of the contemporary tactical environment, requires the dynamic evaluation of security policies, incorporating semantic knowledge from various network layers, together with facts and rules that are defined axiomatically a priori. However, the required basis for such policy decisions can be excessively extended and dynamic. Thus, it is desirable to locally minimize the scope of the policy maximizing efficiency. In this paper, we therefore analyze criteria and optimization goals for the a priori distribution and partitioning of security policies, ensuring the continuous support of the required capabilities, given the operational tasks of each deployed actor.
U2 - 10.1007/978-3-319-44354-6_9
DO - 10.1007/978-3-319-44354-6_9
M3 - Conference contribution
SN - 978-3-319-44352-2
VL - 461
T3 - Advances in Intelligent Systems and Computing
SP - 149
EP - 166
BT - Advances in Network Systems
PB - Springer-Verlag
ER -