Title: Issues and Challenges of Secure Policy Specification Languages

Year of Publication: Sep - 2014
Page Numbers: 171-180
Authors: Sailaja Arsi, Venkata Narasimha Inukollu and Joseph Urban
Conference Name: The Third International Conference on Informatics Engineering and Information Science (ICIEIS2014)
- Poland


Security policies which describe the behavior of a system through specific rules are becoming an increasingly popular approach for static and dynamic environment applications. The SANS top 20 critical controls are a de facto standard in the software industry to protect against cyber crime. This paper shows the importance of applying the SANS critical controls to a product for producing effective results. This paper provides a policy framework, issues that a secure policy specification language faces, and challenges for secure policy specification languages.