DocumentCode :
1823147
Title :
The specification and enforcement of advanced security policies
Author :
Ryutov, Tatyana ; Neuman, Clifford
Author_Institution :
Inf. Sci. Inst., Univ. of Southern California, Los Angeles, CA, USA
fYear :
2002
fDate :
2002
Firstpage :
128
Lastpage :
138
Abstract :
In a distributed multi-user environment, the security policy must not only specify legitimate user privileges but also aid in the detection of the abuse of the privileges and adapt to perceived system threat conditions. This paper advocates extending authorization policy evaluation mechanisms with a means for generating audit data allowing immediate notification of suspicious application level activity. It additionally suggests that the evaluation of the policies themselves adapt to perceived network threat conditions, possibly affected by the receipt of such audit data by other processes. Such advanced policies assist in detecting and responding to intrusion and misuse and they allow more efficient utilization of security services, such as authentication, audit, and notification. We present an authorization framework, which enables the representation and enforcement of advanced security policies. Our approach is based on expanding the policy evaluation mechanism with the ability to generate real time actions, such as checking the current system threat level and sending a notification.
Keywords :
authorisation; distributed processing; multi-access systems; abuse; audit; authentication; authorization policy evaluation; distributed multi-user environment; intrusion; legitimate user privileges; misuse; notification; policy evaluation mechanism; security policy; suspicious application level activity; Authentication; Authorization; Computer crime; Data security; Information security; Instruments; Intrusion detection; Printers; Protection; Web and internet services;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Policies for Distributed Systems and Networks, 2002. Proceedings. Third International Workshop on
Print_ISBN :
0-7695-1611-4
Type :
conf
DOI :
10.1109/POLICY.2002.1011300
Filename :
1011300