Scientific Understanding of Policy Complexity
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): Ninghui Li, Robert Proctor, Ting Yu
Researchers:
HARD PROBLEM(S) ADDRESSED
- Policy-Governed Secure Collaboration - Security policies can be very complex. The same policy can also be expressed in ways of differing complexity. It is desirable to have a scientific understanding of how to measure the complexity of a policy and of a policy encoding.
- Human Behavior - Our notion of policy complexity is based on how easy it is for humans to understand and write policies. There is thus a human behavior aspect to it.
PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, state which journal. If presented at a conference, state which conference.
None so far.
ACCOMPLISHMENT HIGHLIGHTS
- We have conducted a survey of complexity measures for access control policies.
- We have identified two ideas for measuring policy complexity: one based on the number of basic units of a policy (which can be roughly viewed as the number of clauses when expressing a policy in conjunctive normal form), and the other based on expressing a policy in a language of nested exceptions.