The zero trust principle only allows authorized and authenticated actions in a computer network. A network policy satisfies the least privilege principle by minimizing the network permissions to only those needed by users and applications. However, administrators face many challenges in creating a least privilege policy since it requires a detailed understanding of the network topology and knowing the communication requirements of every network application and user. This paper addresses those challenges by introducing a graph-based policy specification framework to capture a network's communication requirements and a network compiler that turns those requirements into an enforceable policy. To offset the effort of building such a stringent policy, we incorporate patterns to spread the work of policy creation over time and people. In the paper, we first elaborate on how our framework's semantics enhances network security and resilience. We then introduce a Security Policy Regression Testing tool (SPRT), which leverages our framework's semantics, to test and reason about consistency, correctness, and relevance of network security policies. Finally, we outline relevant research directions.
CCS CONCEPTS• Security and privacy → Access control; Authorization; Network security; Domain-specific security and privacy architectures.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.