Next: Assurance Up: DARPA/NSA/DISA Joint Technology Office: Previous: Technology-Security Interplays

Security Policy

Enforcing a security policy is not very difficult as long as it has to be enforced within only one domain of protection. Now that most computers are connected to networks, however, it is more important to create rules for how data can be securely shared and exchanged between different domains, especially when different security policies apply. Before data can be shared, the security policies of all domains involved have to be known, and a decision must be made whether the policy of the target domain meets the desired standard. If this is to be done automatically, the problem arises of how to compute the security properties of two systems with known but different security properties.

Every network must include an authorization and access control framework. Many systems, such as Kerberos, are in use and many algorithms are well known. Nevertheless, there are only a few standards for such systems. There is a need to generalize the application program interfaces so that the underlying system can be changed without changing the applications. Furthermore, it may be desirable to use different systems for one domain: one for communication inside the domain and one, which has to provide stronger protection, for communication to and from the domain.

A network also requires access to the user's security attributes. Public key algorithms have brought progress in this area, but they are not the best solution. Public keys are bound to information about a user, such as his name and organization. Without a global naming scheme, this creates potential mismatches in both the form and the context of the attribute information.

Last but not least, there is a need for a uniform access control framework. Often, many different policies are needed for different purposes. There should be an operating system mechanism that supports the widest possible range of policies. Configuring and changing these policies must be easy.
Tim Wellhausen
2000-01-20