Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Usable security policy specification

: Rudolph, Manuel; Feth, Denis


Weyers, Benjamin (Hrsg.) ; Gesellschaft für Informatik -GI-, Fachbereich Mensch-Computer-Interaktion:
Mensch und Computer 2016. Workshopband. Online resource : 4. - 7. September 2016, Aachen
Aachen: GI, 2016
8 S.
Konferenz "Mensch und Computer" <2016, Aachen>
Fraunhofer IESE ()
policy specification

Security policies determine which security requirements have to be met in a domain and how they are implemented organizationally and/or technically. However, their specification at run-time poses a challenge for policy authors (e.g., IT administrators or end users), especially if they are inexperienced in this task. Thus, specification interfaces have to guide the policy author during the specification process. However, matching appropriate specification processes to the policy authors' individual needs is challenging due to a high variability in the authors' skill levels and security perceptions. In this paper, we identify existing specification approaches, derive generic specification paradigms and show the feasibility of one of them in an industrial case study.