Browse by author
Lookup NU author(s): Professor Peter Ryan
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
A security policy is intended to regulate the behaviour of a socio-technical system (computers, networks and humans) in such a way as to ensure that certain properties are maintained or goals achieved. Two problems arise here: regulating the behaviour of humans is non-trivial and, secondly, many security goals are not "enforceable" in the Schneider sense, [1]. Thus, security policy mechanisms inevitably involve approximations and trade-offs. We discuss the theoretical and practical limitations on what is technically enforceable and argue for the need for models that encompass social as well as technical enforcement mechanisms.
Author(s): Ryan PYA
Editor(s): Christianson, B., Crispo, B., Malcolm, J.A., Roe, M.
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: Security Protocols: 11th International Workshop on Security Protocols
Year of Conference: 2005
Pages: 178-182
ISSN: 0302-9743 (Print) 1611-3349 (Online)
Publisher: Springer
URL: http://dx.doi.org/10.1007/11542322_22
DOI: 10.1007/11542322_22
Library holdings: Search Newcastle University Library for this item
ISBN: 9783540283898
