Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. / Wolthusen, Stephen.

Proceedings of the Second International Conference on Future Network Systems and Security. Springer-Verlag, 2016. p. 47-61 (Communications in Computer and Information Science; Vol. 670).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Standard

Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. / Wolthusen, Stephen.

Proceedings of the Second International Conference on Future Network Systems and Security. Springer-Verlag, 2016. p. 47-61 (Communications in Computer and Information Science; Vol. 670).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Wolthusen, S 2016, Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. in Proceedings of the Second International Conference on Future Network Systems and Security. Communications in Computer and Information Science, vol. 670, Springer-Verlag, pp. 47-61. https://doi.org/10.1007/978-3-319-48021-3_4

APA

Wolthusen, S. (2016). Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. In Proceedings of the Second International Conference on Future Network Systems and Security (pp. 47-61). (Communications in Computer and Information Science; Vol. 670). Springer-Verlag. https://doi.org/10.1007/978-3-319-48021-3_4

Vancouver

Wolthusen S. Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. In Proceedings of the Second International Conference on Future Network Systems and Security. Springer-Verlag. 2016. p. 47-61. (Communications in Computer and Information Science). https://doi.org/10.1007/978-3-319-48021-3_4

Author

Wolthusen, Stephen. / Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures. Proceedings of the Second International Conference on Future Network Systems and Security. Springer-Verlag, 2016. pp. 47-61 (Communications in Computer and Information Science).

BibTeX

@inproceedings{2095b7dce1484b2e82343887fc4cc70d,
title = "Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures",
abstract = "Tactical mobile ad-hoc networks are likely to suffer from highly restricted link capacity and intermittent connectivity loss, but must provide secure access to services. The conditions under which services may be accessed and which security requirements must be maintained will vary dynamically, and local policies will hence change on a per-node basis even when starting from a common baseline such as when nodes obtain new information.In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.",
keywords = "Ad hoc network Reconciliation Security Security policies Tactical network ",
author = "Stephen Wolthusen",
year = "2016",
doi = "10.1007/978-3-319-48021-3_4",
language = "English",
isbn = "978-3-319-48020-6",
series = "Communications in Computer and Information Science",
publisher = "Springer-Verlag",
pages = "47--61",
booktitle = "Proceedings of the Second International Conference on Future Network Systems and Security",

}

RIS

TY - GEN

T1 - Efficient Security Policy Reconciliation in Tactical Service Oriented Architectures

AU - Wolthusen, Stephen

PY - 2016

Y1 - 2016

N2 - Tactical mobile ad-hoc networks are likely to suffer from highly restricted link capacity and intermittent connectivity loss, but must provide secure access to services. The conditions under which services may be accessed and which security requirements must be maintained will vary dynamically, and local policies will hence change on a per-node basis even when starting from a common baseline such as when nodes obtain new information.In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.

AB - Tactical mobile ad-hoc networks are likely to suffer from highly restricted link capacity and intermittent connectivity loss, but must provide secure access to services. The conditions under which services may be accessed and which security requirements must be maintained will vary dynamically, and local policies will hence change on a per-node basis even when starting from a common baseline such as when nodes obtain new information.In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.

KW - Ad hoc network Reconciliation Security Security policies Tactical network

U2 - 10.1007/978-3-319-48021-3_4

DO - 10.1007/978-3-319-48021-3_4

M3 - Conference contribution

SN - 978-3-319-48020-6

T3 - Communications in Computer and Information Science

SP - 47

EP - 61

BT - Proceedings of the Second International Conference on Future Network Systems and Security

PB - Springer-Verlag

ER -