{"title":"执行消息传递安全策略","authors":"Jaromir Likavec, S. Wolthusen","doi":"10.1109/IWIA.2005.7","DOIUrl":null,"url":null,"abstract":"A system for enforcing messaging security policies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocols are subjected to interception, transformation, and filtering based on dynamically configurable security policies. Transformations include the automatic policy-based application of cryptographic confidentiality, integrity, and authenticity mechanisms and filtering primarily based on Bayesian analysis. The system provides a low cost, fine granularity compartmentalization mechanism for secure environments as well as for sensitive but unclassified environments using COTS operating systems and application programs without affecting user or application behavior in which the mediation of access to key material and messaging provides protection against malware and insider attacks.","PeriodicalId":247477,"journal":{"name":"Third IEEE International Workshop on Information Assurance (IWIA'05)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enforcing messaging security policies\",\"authors\":\"Jaromir Likavec, S. Wolthusen\",\"doi\":\"10.1109/IWIA.2005.7\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A system for enforcing messaging security policies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocols are subjected to interception, transformation, and filtering based on dynamically configurable security policies. Transformations include the automatic policy-based application of cryptographic confidentiality, integrity, and authenticity mechanisms and filtering primarily based on Bayesian analysis. The system provides a low cost, fine granularity compartmentalization mechanism for secure environments as well as for sensitive but unclassified environments using COTS operating systems and application programs without affecting user or application behavior in which the mediation of access to key material and messaging provides protection against malware and insider attacks.\",\"PeriodicalId\":247477,\"journal\":{\"name\":\"Third IEEE International Workshop on Information Assurance (IWIA'05)\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Third IEEE International Workshop on Information Assurance (IWIA'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IWIA.2005.7\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Third IEEE International Workshop on Information Assurance (IWIA'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IWIA.2005.7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A system for enforcing messaging security policies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocols are subjected to interception, transformation, and filtering based on dynamically configurable security policies. Transformations include the automatic policy-based application of cryptographic confidentiality, integrity, and authenticity mechanisms and filtering primarily based on Bayesian analysis. The system provides a low cost, fine granularity compartmentalization mechanism for secure environments as well as for sensitive but unclassified environments using COTS operating systems and application programs without affecting user or application behavior in which the mediation of access to key material and messaging provides protection against malware and insider attacks.