Toggle Main Menu Toggle Search

Open Access padlockePrints

Enforcing the unenforceable

Lookup NU author(s): Professor Peter Ryan


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


A security policy is intended to regulate the behaviour of a socio-technical system (computers, networks and humans) in such a way as to ensure that certain properties are maintained or goals achieved. Two problems arise here: regulating the behaviour of humans is non-trivial and, secondly, many security goals are not "enforceable" in the Schneider sense, [1]. Thus, security policy mechanisms inevitably involve approximations and trade-offs. We discuss the theoretical and practical limitations on what is technically enforceable and argue for the need for models that encompass social as well as technical enforcement mechanisms.

Publication metadata

Author(s): Ryan PYA

Editor(s): Christianson, B., Crispo, B., Malcolm, J.A., Roe, M.

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: Security Protocols: 11th International Workshop on Security Protocols

Year of Conference: 2005

Pages: 178-182

ISSN: 0302-9743 (Print) 1611-3349 (Online)

Publisher: Springer


DOI: 10.1007/11542322_22

Library holdings: Search Newcastle University Library for this item

ISBN: 9783540283898