Experimentation with Adaptive Security Policies.

Abstract

This work provides experimental evidence of the validity of recent theoretical work in the area of adaptive security policies. Solutions for several issues with these policies, including the coupling between policy and implementation, control over policy changes, stale cached data, reassigning security attributes, and recovery from change, were examined using the Distributed Trusted Operating System. Dynamic security lattices and task-based access control, previously studied by ORA, were also examined. The issue of trade-offs between security and fault tolerance, raised by SRI, was also studied, especially the problems of adapting the policy of a fault-tolerant service. An adaptation of an MLS policy enhanced with Type enforcement to a similar policy with more permissions was demonstrated, first using a single Security Server in which the policy table is replaced, and then handing off security decisions from one Security Server to another. Exercise of the relaxed permissions was audited, as specified by the Security Server.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 1996
Accession Number
ADA311215

Entities

People

  • Edward A. Schneider
  • Lynn Tewinkel
  • Michael Carney
  • William Kalsow

Tags

Communities of Interest

  • C4I

DTIC Thesaurus Topics

  • Abstracts
  • Automata
  • Climate Change
  • Command And Control Systems
  • Computer Access Control
  • Computer Programs
  • Computers
  • Control Systems
  • Cybersecurity
  • Fault Tolerance
  • Language
  • Models
  • Operating Systems
  • Prototypes
  • Recovery
  • Servers (Computer Hardware)
  • User Interface

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Parallel and Distributed Computing.
  • Systems Analysis and Design