Visible to the public Scientific Understanding of Policy Complexity

Project Details

Lead PI

Performance Period

Dec 07, 2022

Ranked 29 out of 118 Group Projects in this group.
11731 related hits.

Goal: To develop a scientific understanding of what makes security policies complex as well as metrics for measuring security policy complexity, defined as the degree of difficulty in understanding by relevant users.

Research Questions: What is the right way to define security policy complexity? How should we measure users' ability to understand and specify security policies? What features of policy languages or policies make them inherently more complex? Can we transform a security policy into a logically equivalent one that has lower complexity? In other words, is today's high complexity for security policies accidental or inherent?