5th European Symposium on Research in Computer Security (ESORICS 98)
Dealing with Multi-policy Security in Large Open Distributed Systems
Christophe Bidan, Valérie Issarny
Keywords :
Abstract : From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on different possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of different security policies in distributed architectures. We introduce a model for specifying security policies in terms of security domains, access control and information flow rules. Then, we identify the set of operators for combining the specifications of sub-policies and we address the validity of the resulting policy according to the security properties of the sub-policies.
(Pages 51-66)