NIST logo

Publication Citation: A Matter of Policy

NIST Authors in Bold

Author(s): David F. Ferraiolo; Jeffrey M. Voas; George Hurlburt;
Title: A Matter of Policy
Published: March 26, 2012
Abstract: This paper discusses system security policies. System policies are the set of rules that when implemented afford a strategy for the protection of information. The policy objectives are diverse and span the social-economic spectrum. System policies govern such elements as individual privacy, selective access to proprietary information, national security protection, fraud prevention, data surety and conflict-of-interest. Policy can derive from laws and regulation, but may also stem from business culture and it's tolerance for risk.
Citation: IT Professional (IEEE)
Volume: 14
Issue: 2
Pages: pp. 4 - 7
Keywords: policy, software security, information security, fraud prevention
Research Areas: Data and Informatics, Information Technology, Computer Security
DOI: http://dx.doi.org/10.1109/MITP.2012.30  (Note: May link to a non-U.S. Government webpage)
PDF version: PDF Document Click here to retrieve PDF version of paper (137KB)