SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Embedding security policies into a distributed computing environment
ACM SIGOPS Operating Systems Review
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Sensitive Data Transaction in Hippocratic Multi-Agent Systems
Engineering Societies in the Agents World IX
Security in persistently reactive systems
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
| Hi-index | 0.00 |
One of today' s major challenges in computer security is the ever-increasing multitude of individual, application specific security requirements. As a positive consequence, a wide variety of security policies has been developed, each policy reflecting the specific needs of individual applications. As a negative consequence, the integration of the multitude of policies into today's system platforms made the limitations of traditional architectural foundations of secure computer systems quite obvious. Many of the tradition.al architectural foundations originally aimed at supporting only a single access control policy within a single trusted system environment, This paper discusses a new paradigm to support user-defined security policies in a distributed multi-policy system. The paradigm preserves the successful properties of the traditional architectural foundations while additionally providing strong concepts for user-defined security policies. Among these concepts are policy separation, encapsulation, persistency, cooperation, and reusability. We illustrate the application of our approach in a DCE environ- ment.