Tools for Security Policy Definition and Implementation


P. Humenn
Affiliation: BlackWatch Technology, Inc.
Abstract: Assurance in complex distributed systems goes beyond the encryption and signature verification paradigm. Comprehensive tools are needed to define and manage diverse set of security policies.

The current solutions for security consist of single sign-on technology, file and directory permissions, user/group based access control lists (ACLs), and encryption/verification systems, such as Kerberos. Security policies, on the other hand, are more complicated.

In an effort to implement and enforce complicated security policies currently, the system or network administrator attempts to configure the primitives comprehensively. Then, the administrator must maintain the configuration and its integrity. Experience has shown that policies that depend administration of these primitives by hand are prone to error and result in either the system grinding to a halt, or are prone to attacks.

Complicated distributed applications need to describe security policy beyond the notion of file permissions and encryption. Such a policy might be, "An XYZ Trader is only allowed to make transactions under $10K and only between 9 a.m. and 3 p.m." Another might be, "Only clear messages should flow through the local network. Messages from the outside gateway should be encrypted/decrypted at that gateway." Such policies raise the issue security policy definition and enforcement to the level of the application.

Tools are needed to give not only administrators a way to define and manage security policy, but also for application developers to define flexible security policies directly into their applications. This takes an active stance on security rather than the familiar patchwork reactive approach. We present methods and tool interfaces for describing policy and administering it within an object based client/server paradigm.

For more information, contact polar@blackwatch.com.