Current implementation status

jont at us.ibm.com
Thu Apr 13 01:25:21 GMT 2000



Something appearing to be from the hands of Robert Watson ...


| o Generic Authorization Framework

|  Still in the design phases, tentatively named, ``Poligraph'' to
| reflect its ability to dynamically compose policy engines to build
| an overall system policy.

First obvious question:
Which policy are you using to resolve conflicts?
[ for example see [1] and [2] ]

| Currently modules are being built directly into the FreeBSD code as
| opposed to working via the module interface, which should provide us
| with the information we need to fully understand the requirements of
| such a dynamic security enforcement system.

How does this compare to the Flask stuff from Utah?
[ and thus the SawMill Linux stuff from IBM :-]

| it is my belief that (if feasible), such a generic enforcement engine
| would reduce development and maintenance time for security modules,

Clearly feasible (cf. Flask, SawMill Linux) to have policy control modules
outside the kernel.  It requires caching and cache coherency protocols to
ensure timely revocation ...

| as well as make it possible for third parties to easily distribute
| additional modules supporting their own policy mechanisms.

Again, need conflict resolution strategy ...


One additional feature that I have not seen mentioned is delegation.
In client-server architectures, particularly n-tier architectures, the
middleware frequently has its own ID and servers need both middleware ID
and client ID to make sensible decisions. [ a degenerate form of this
is stopping root logins or even su on remote terminals. ]

- JonT

[1]
@inproceedings{BJSS97,
 author =    {Elisa Bertino and Sushil Jajodia and Pierangela Samarati and
V. S. Subrahmanian},
 affiliation =   "GMU, Milan University, Uni of Maryland.",
 title =     {{A Unified Framework for Enforcing Multiple Access Control
Policies}},
 booktitle = "Proceedings of ACM SIGMOD Conference  on Management of Data",
 month    = "May",
 year =      "1997"
}

[2]
@inproceedings{JaSS97,
 author =    {Sushil Jajodia and Pierangela Samarati and V. S.
Subrahmanian},
 affiliation =   "GMU, Milan University, Uni of Maryland.",
 title =     {{A Logical Language for Expressing Authorizations}},
 booktitle = "Proceedings of the IEEE Symposium on Security and Privacy",
 year =      "1997",
 annote =    "logical access control language that includes roles and
history"
}

---
Jon Tidswell
Advanced OS Technology Group / Sawmill Linux Project
IBM TJ Watson Research Center 30 Saw Mill River Road, Hawthorne, N.Y. 10532

Email: jont at us.ibm.com   Voice: +1 914 784 7550
