Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A framework for generating user- and domain-tailored security policy editors

: Rudolph, Manuel; Moucha, Cornelius; Feth, Denis


IEEE Computer Society; Institute of Electrical and Electronics Engineers -IEEE-:
IEEE 24th International Requirements Engineering Conference Workshops, REW 2016. Proceedings : 12-16 September 2016, Beijing, China
Los Alamitos, Calif.: IEEE Computer Society Conference Publishing Services (CPS), 2016
ISBN: 978-1-5090-3694-3
ISBN: 978-1-5090-3695-0
International Requirements Engineering Conference (RE) <24, 2016, Beijing>
Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE) <3, 2016, Beijing>
Conference Paper
Fraunhofer IESE ()
policy specification; security policy; policy administration point

In modern enterprises, incorrect or inconsistent security policies can lead to massive damage, e.g., through unintended data leakage. As policy authors have different skills and background knowledge, usable policy editors have to be tailored to the author's individual needs and to the corresponding application domain. However, the development of individual policy editors and the customization of existing ones is an effort consuming task. In this paper, we present a framework for generating tailored policy editors. In order to empower user-friendly and less error-prone specification of security policies, the framework supports multiple platforms, policy languages, and specification paradigms.