The specification and enforcement of advanced security policies

T. Ryutov, C. Neuman
Proceedings Third International Workshop on Policies for Distributed Systems and Networks
Publication date: 2002-06-05
DOI: 10.1109/POLICY.2002.1011300 (https://doi.org/10.1109/POLICY.2002.1011300)
Citations: 49

Abstract

In a distributed multi-user environment, the security policy must not only specify legitimate user privileges but also aid in the detection of the abuse of the privileges and adapt to perceived system threat conditions. This paper advocates extending authorization policy evaluation mechanisms with a means for generating audit data allowing immediate notification of suspicious application level activity. It additionally suggests that the evaluation of the policies themselves adapt to perceived network threat conditions, possibly affected by the receipt of such audit data by other processes. Such advanced policies assist in detecting and responding to intrusion and misuse and they allow more efficient utilization of security services, such as authentication, audit, and notification. We present an authorization framework, which enables the representation and enforcement of advanced security policies. Our approach is based on expanding the policy evaluation mechanism with the ability to generate real time actions, such as checking the current system threat level and sending a notification.