Protection reconfiguration for reusable software

Jensen, Christian Damsgaard; Hagimont, Daniel

doi:10.1109/csmr.1998.665751

Cited by 2 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2) was inspired by research in active capabilities [28,17]. The goal is to provide a framework that can support different security models by using ideas of hidden software capabilities [9], 'The proxy principle' [25] and 'Protection Reconfiguration for Reusable Software' [13].…”

Section: Related Workmentioning

confidence: 99%

Partial outsourcing

Abendroth

Jensen

2003

Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

Various security models have been proposed in recent years for different purposes. Each of these aims to ease administration by introducing new types of security policies and models. This increases the complexity a system administrator is faced with. Ultimately, the resources expended in choosing amongst all of these models leads to less efficient administration.In this paper, we propose a new access control paradigm, which is already well established in virus and SPAM protection as partial delegation of administration to external expertise centres. Well-known vulnerabilities can be filtered out and known sources of attacks can be automatically blocked. We describe how partial outsourcing can be achieved in a secure way. A framework, which enables this process has already been developed.

show abstract

Section: Related Workmentioning

confidence: 99%

Partial outsourcing

Abendroth

Jensen

2003

Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

show abstract

“…The active software capability model is inspired by work on hidden software capabilities in the SIRAC project at IN-RIA Rhône-Alpes [9,12]. Hidden software capabilities separate security from the functional aspects of an application, by delegating management and exchange of capabilities to protection interfaces interposed between client and server.…”

Section: Proxy-based Securitymentioning

confidence: 99%

A unified security framework for networked applications

Abendroth

Jensen

2003

Proceedings of the 2003 ACM Symposium on Applied Computing

View full text Add to dashboard Cite

Various security models have been proposed for different types of applications and numerous types of execution environments. These models are typically reinforced by adding code to the application, which authenticates principals, authorises operations and establishes secure communication among distributed software components (e.g., clients and servers). This code is often application and context-specific, which makes it difficult to integrate an application with other each other.In this paper we propose a new unified access control mechanism that supports most of the existing security models and offers a number of additional controls that are not normally provided by security mechanisms. Moreover, the proposed mechanism integrates well with existing programming paradigms for distributed application, e.g., client/server technology and component based programming. This means that it can be seamlessly integrated with most existing distributed applications. We have implemented the proposed mechanism in a framework, that can be instantiated to implement different security models and policies. We present a qualitative evaluation that demonstrates the framework's ability to support a wide range of security policies and a preliminary performance evaluation of the framework.

show abstract

Protection reconfiguration for reusable software

Abstract: Abstract

Cited by 2 publications

References 8 publications

Partial outsourcing

Partial outsourcing

A unified security framework for networked applications

Contact Info

Product

Resources

About