Wednesday, April 28th, 1999
3085 EU II

In attendance:
Karl Levitt (KL), Michael Gertz (MG), Brant Hashii (BH), Kimberly Knowles (KK), Jim Hoagland (JH)


    Direction for Policy Meetings
    Policy Language
    RAID Conference
    Next Meeting

  1. Direction for Policy Meetings
    1. KL: Going over papers, ideas, bunch of policy projects, potential funding -- we don’t understand enough.
    2. JH: Would like to see policy meeting be more than just proposal writing meetings. Talk about different policies, other policy languages, how you’d enforce policies.
    3. BH: Start off with a survey of policy languages, go through papers and projects, here and elsewhere, develop a taxonomy of policies.
      1. Event based policy specification language.
      2. JH: Started to do taxonomy last June.
  2. Policy Language
    1. MG: Prem is working on expressiveness of policy specification language. Computational complexity, impact of adding features, how much more to audit.
      1. What is expressiveness and computational cost? Do same thing with specification language in terms of specifying and ensuring policy. Matrix features – overhead on system for policy.
      2. KK: Working with policy language with Prem and Matt as an extension of 253 class project.
    2. KL: Don’t have good understanding of policy language. Access control = more than that - liveness properties.
      1. MG: Properties of policy language, taxonomy of language, expressiveness. A survey of existing languages would be a good paper and very helpful. Current papers in policy create new languages.
      2. MG: What’s a policy specification language anyway?
        1. KL: Specifying and enforcement, detection.
      3. MG: Two levels, predicate logic or temporal logic, nice policy specification language, but what do you do with it? Prove properties but no mechanisms
        1. KL: Program synthesis, if you believe in it.
        2. JH: Look at Woo and Lam paper
      4. MG: Fill out approach expressiveness of a data, hierarchies, structural then temporal aspects, schedule event, compose event, point-based.
        1. KL: Helpful to think about interesting examples with Jim's work. Composition of policies. Predicate calculus- what does it mean in terms of policy?
      5. MG: Integration of policies. System integration, differences for different policy languages. First understand the language.
      6. KL: IDS world, look at enforcement and IDS mechanisms and response mechanisms.
      7. MG: Form mapping methods, then could be more formal. KL: Jim’s work lacking formal aspects.
  3. RAID Conference
    1. KL: May 21st papers due. Call for panel discussions and papers: JH and BH could write papers.
    2. KL: We could write a one-page description for a panel
      1. Other people in field – Mary-Ellen Zurko, data modeling world - Prem
      2. Deontic logic – Cuppens and Cholvy – modal logic.
      3. Someone who knows world of security policy (officer from CIA), requirement in process, writing it down in natural language. Is the actual implementation similar to what we write/read in papers?
      4. Policy languages – Carl Landwehr
      5. KK: Advanced Checker – BT Security work for NT product, user-friendly GUI that specifies policy on NT system.
      6. KL: Stuart - technical work. Friends at Boeing – Lawrence Rockwell, Sue Shield. Maybe Baiju from industry standpoint. Possibly Jim Anderson. Light on technical ideas
      7. Java people: Li Gong, JavaSoft – woman from Oakland conference – work in policy class for Java.
      8. MG and KL to work on 1 page panelist paper.
  4. Next Meeting
    1. KL: For next week, look at papers that Kim, Brant and Jim bring in, top-down approach to cluster papers. Procurements coming up, DARPA has another round, 3 BAAs that relate to security, Presidential Commission Office of Special Technology. ONR/ARO interested in forming security programs.
    2. Ask if Brant's friends would like to come.