Next: Research and Development Areas
Up: Feustel, Mayfield: The DGSA:
Previous: Security Policies
Depending on the class of security policies to be implemented, the
design of the operating system may be simple or hard. For some
policies, a virtual machine model may be sufficient. If distribution
of information objects is to be allowed, these machines may be linked
by a Virtual Security Network. Here, the authors refer again to the
IETF Security Protocol suite of specifications and to CORBA. For more
sophisticated policies, the authors recommend to use existing
software architectures like message-oriented Object Frameworks.
Because of the way the DGSA defines relationships between information
domains, the management of the information domains is a key issue for
the implementors and users. Furthermore, the are several issues how
to create security policies and who is allowed to change them. The
authors suggest to design a collection of plugable security modules
which implement the policies. Another concern is audit.
Implementation must be done so that the audit process and its
performance will not lead to turning the audit off.