Towards an Access Control Policy Speciication Language for Corba
نویسنده
چکیده
Specifying and managing access control policies for large distributed systems is a non{ trivial task. Commonly, access control policies are speciied in natural language and later reformulated in terms of a particular access control mechanism. Management of policies is thus done in terms of low{level constructs rather than in terms of the speciication. This paper presents and discusses concepts for a declarative speciication language for access control policies in distributed object systems such as CORBA. By providing appropriate constructs, such a language would support a uniied view throughout the lifetime of a policy, i.e. through both speciication and management.
منابع مشابه
Towards an Access Control Policy Speciication Language For
Specifying and managing access control policies for large distributed systems is a non{ trivial task. Commonly, access control policies are speciied in natural language and later reformulated in terms of a particular access control mechanism. Management of policies is thus done in terms of low{level constructs rather than in terms of the speciication. This paper presents and discusses concepts ...
متن کاملTowards a Methodology and Tool for the Analysisof Security - Enhanced Linux Security Policies
Security-Enhanced (SE) Linux is a version of Linux with additional security features. The initial version of SE Linux was released by NSA in January, 2001. The additional security features are incorporated into Linux by superimposing the Flask architecture on its kernel. This architecture includes a security server that makes decisions as to whether particular subjects (i.e., processes) may be ...
متن کاملA Mandatory Access Control Policy Model for Information Security Requirements
Two basic paradigms towards speciication of information security requirements can be taken: continuous speciication and early speciication of requirements. In models supporting continuous specii-cation and reenement of information security requirements, the development organization is more vulnerable to the tampering with partially speciied requirement primitives. This paper proposes a formal m...
متن کاملIntegrating Security Policy Design into the Software Development Process Technical Report B – 01 – 06
Security is an integral part of most modern software systems, but it is still not considered as an explicit part in the development process. Security mechanisms and policies are generally added to existing systems as an afterthought, with all the problems of unsatisfied security requirements, integration difficulties, and mismatches between design models. We propose to integrate the design of a...
متن کاملSupport for ANSI RBAC in CORBA
We describe access control mechanisms of the Common Object Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). Using the configuration definition, we suggest an algorithm that formally specifies the semantics of authorization decisions in CORBA. We analyze supp...
متن کامل