Todays warfighter gains an advantage over adversaries, by deploying advanced information technology that performs analysis and keeps the warfighter informed. The cost of this advantage is managing the complex information technology. Functional breakdowns in the system are quickly noticed. however a breakdown in the security policy may never be noticed. So the solution must ensure the security policy is verified as it is changed in the day-to-day struggle to meet the mission needs. ESPANOLA addresses this rising complexity by applying proven software engineering techniques to security policy engineering. ESPANOLA builds on existing object-oriented design tools for creating the verification constraints and the bulk of the security enforcement policy. The remaining much smaller, portion is built by administrators using a simple interface. Each policy change is checked for consistency based on the security and mission constraints defined by the security policy designers. The administrator does not have to use yet another tool to specify and check policy. The policy is checked, changed and pushed out to all the effected systems with one action.
Keywords: Security Policy, Constraints, Enforcement Mechanism, Security Policy Design, Security Constraints