Publication
GECCO 2008
Conference paper

MLS security policy evolution with genetic programming

View publication

Abstract

In the early days a policy was a set of simple rules with a clear intuitive motivation that could be formalised to good effect. However the world is becoming much more complex. Subtle risk decisions may often need to be made and people are not always adept at expressing rationale for what they do. In this paper we investigate how policies can be inferred automatically using Genetic Programming (GP) from examples of decisions made. This allows us to discover a policy that may not formally have been documented, or else extract an underlying set of requirements by interpreting user decisions to posed "what if" scenarios. Three proof of concept experiments on MLS Bell-LaPadula, Budgetised MLS and Fuzzy MLS policies have been carried out. The results show this approach is promising. Copyright 2008 ACM.

Date

Publication

GECCO 2008

Authors

Topics

Share