A new standard security policy language

Abstract

Some of the significant factors that led to the introduction of a new standard security policy language (SSPL) as a tool to help security officers write security policies in a standard format are discussed. The need for automation systems that increased due to more attacks along with continuous change and increase in organizational policies to keep assets secured were some of these factors that to led to the creation of the SSPL. The language facilitated the task of the automation systems and increased the need for a policy tracking tool of defined policies within the organization along with their existing configurations. It included a formal policy statement, scale and domain, descriptive, and extensible languages. The proposed SSPL also covered the intended features from the security policy language. It represented policy as a serialized policy object, while each object encapsulated policy structure and configuration