Towards Security in an Open Systems Federation
نویسندگان
چکیده
This paper argues that security design for Open Distributed Processing (ODP) would benefit from a shift of focus from the infrastructure to individual servers as the owners and enforcers of security policy. It debates the policy nuances, mechanisms, and protocol design consequences, that would follow from such a change of emphasis. In ODP, physically separate systems federate into heterogeneous networks of unlimited scale, so there can be no central authority, nor ubiquitous security infrastructure. Servers that offer, trade, supply and consume services must maintain their own security policies and defend themselves. For servers to take security policy and enforcement decisions, design is concerned with how they might seek advice and guidance from higher authority. This contrasts with an administrator imposed policy on a closed homogeneous network, where an infrastructure enforces administrator declared access rights to potential clients, including rights to delegate rights.
منابع مشابه
An information security meta-policy for emergent organizations
There is an increasing movement towards emergent organizations and an adaptation of Web-based information systems (IS). Such trends raise new requirements for security policy development. One such requirement is that information security policy formulation must become federated and emergent. However, existing security policy approaches do not pay much attention to policy formulation at all ± mu...
متن کاملThe Joint Task Force on Cybersecurity Education
The Joint Task Force (JTF) on Cybersecurity Education (http://www.csec2017.org/) was launched in September, 2015 as a collaboration between major international computing societies: Association for Computing Machinery (ACM), IEEE Computer Society (IEEE CS), Association for Information Systems Special Interest Group on Security (AIS SIGSEC1), and International Federation for Information Processin...
متن کاملTowards Measuring the Project Management Process During Large Scale Software System Implementation Phase
Project management is an important factor to accomplish the decision to implement large-scale software systems (LSS) in a successful manner. The effective project management comes into play to plan, coordinate and control such a complex project. Project management factor has been argued as one of the important Critical Success Factor (CSF), which need to be measured and monitored carefully duri...
متن کاملArchitecting Information Security Services for Federated Satellite Systems
This paper investigates the provision of information security services in Federated Satellite Systems. We initiate the discussion by describing possible threats that the system faces, as well as the speci c security services that have to be provided in order to mitigate them. Next, we de ne a set of ve primal security functions that a federated satellite system has to implement and propose the ...
متن کاملA Guanxi Shibboleth based Security Infrastructure for e-Social Science
An e-Social Science infrastructure generally has security requirements to protect their restricted resources or services. As a widely accepted authentication and authorization technology, Shibboleth supports the sharing of resources on interinstitutional federation. Guanxi is an open source implementation of the Shibboleth protocol and architecture. In this paper, we propose a security infrastr...
متن کامل