A good deal of work has been carried out in the area of security policies and security policy modelling. In the early days a policy was a set of simple rules with a clear intuitive motivation that could be formalised to good effect. Bell-LaPadula [1] MLS policy is a good example. However the world is now much more complex. Subtle risk decisions may often need to be made and people are not always adept at expressing rationale for what they do. In this paper we investigate how statements of policies can be derived automatically from examples of decisions made. This allows us to automatically discover a policy that may not formally have been documented, or else extract an underlying set of requirements by interpreting user decisions to posed “what if” scenarios. The chosen approach of policy inference is Genetic Programming (GP). Two proof of concept experiments on Bell-LaPadula [1] MLS policies and Fuzzy MLS policies [2], [3] have been carried out. Each decision action in a policy is considered as a classic set and the GP is used to search for the necessary conditions to be a member of that set. The results show that this approach is promising and very reasonable policies can be inferred if the examples in training set are sufficiently diverse. Furthermore, the learning process is largely independent of the parameter settings. Finally, to relax the requirement for diverse examples in a training set, we consider each decision action as a fuzzy set and try to learn its fuzzy membership function. Again, our result shows that such fuzzy model can achieve comparable accuracy with their corresponding classic models yet depends less on the diversity of training examples.
By: Yow Tzu Lim; Pau Chen Cheng; Pankaj Rohatgi; John Andrew Clark
Published in: RC24442 in 2007
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .