Title :
Security agility for dynamic execution environments
Author :
Petkac, Mike ; Badger, Lee ; Morrison, Wayne
Author_Institution :
Network Associates Inc., USA
fDate :
6/22/1905 12:00:00 AM
Abstract :
The evolution of dynamic execution environments increasingly requires security policies that are also dynamic in nature to address such events as process migration, changes in personnel, shifts in alliances, and detected intrusion that cannot be well anticipated or addressed by static policies. However, traditional software components designed without (dynamic) security in mind may fail in various degrees when a policy change takes place, including termination of critical processes. This paper reports on techniques developed by the Security Agility for Dynamic Execution Environments project that are encapsulated in a prototype toolkit for integration with software components so they may function effectively in a dynamic security environment. These techniques include methods for making software components aware of their dynamic security policy environment, helping components adapt to policy changes, and adding security policy enforcement mechanisms to software components to mediate client actions when the underlying system software cannot
Keywords :
security of data; software reusability; dynamic execution environments; personnel; process migration; prototype toolkit; security agility; security policies; software components; static policies; Contracts; Event detection; Hardware; Indium tin oxide; Information processing; Information security; Information technology; Personnel; Prototypes; Runtime environment;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings
Conference_Location :
Hilton Head, SC
Print_ISBN :
0-7695-0490-6
DOI :
10.1109/DISCEX.2000.825041
