|
The PoSecCo project aims at establishing a traceable and sustainable link between high-level requirements and low-level configurations. This link, also named policy chain, is created by means of ad hoc refinement models and tools that permit the translation of the business security requirements (or other intermediate policy abstractions) into a set of low-level settings that, once enforced by appropriate security controls, actually implement them.
The policy abstractions used in the PoSecCo policy chain are the Business Requirements, the IT Policies, and the Abstract Configurations. Together with these abstraction, another format is used to split the refinement of IT Policies into abstract configurations for infrastructure security controls: the Logical Associations. However, they do not belong to the policy chain.
The policy chain is created by the Security Decision Support System (SDSS), a framework that drives the user during the policy-driven (automatic or semi-automatic) generation of the configurations for security controls available in a target information system. In practice, the SDSS implements the PoSecCo top top down approach.
The SDSS consists of the following components, each one implementing a specific SDSS workflow phase:
The SDSS is available as an Eclipse Remote Application Platform (RAP) and as a web application. It is provided under the EPL licence.
The SDSS is complemented by the LA Editor, a standalone application (based on XText) that allows you to edit Logical Associations. It can be downloaded from here:
The current version of the SDSS (1.0.0) is available here.
The SDSS getting started guide is the SDSS - user's manual document. It also includes installation instructions.
The following user manuals are available to work with the SDSS:
The SDSS source code is available here.
The SDSS uses several third-party open source libraries. All the required libraries for this version are available for download at this folder.
Further information on how to configure Eclipse to run and extend the SDSS are available here.
To better understand the components' internals or to extend them, the following developer's manuals support the SDSS:
Last modified on Friday, 13-Dec-2013 19:54:42