Modern distributed systems tend to be conglomerates of heterogeneous subsystems, which have been designed separately, by different people with little, if any, knowledge of each other --- and which may be governed by different security policies. A single software agent operating within such a system may find itself interacting with, or even belonging to, several subsystems, and thus be subject to several disparate policies. If every such policy is expressed by means of a different formalism and enforced with a different mechanism, the situation can get easily out of hand.
To deal with this problem we propose in this paper a security mechanism that can support efficiently, and in a unified manner, a wide range of security models and policies, including: conventional discretionary models that use capabilities or access-control lists, mandatory lattice-based access control models, and the more sophisticated models and policies required for commercial applications, such as DISTRIBUTED VOTING and SEALED-BID AUCTION. Moreover, under the proposed mechanism, a single agent may be involved in several different modes of interactions that are subject to disparate security policies.
[Based on research done in collaboration with Victoria Ungureanu ]