Title :
Policy mediation for multi-enterprise environments
Author :
Galiasso, P. ; Bremer, O. ; Hale, J. ; Shenoi, S. ; Ferraiola, D. ; Hu, V.
Author_Institution :
Center for Inf. Security, Tulsa Univ., OK, USA
Abstract :
Existing software infrastructures and middleware provide uniform security services across heterogeneous information networks. However few, if any, tools exist that support access control policy management for and between large enterprise information networks. Insiders often exploit gaps in policies to mount devastating attacks. This paper presents a Policy Machine and Policy Mediation Architecture for coordinating diverse policies in large information networks. The language-based approach adopted by each of these technologies permits local and global access control policy validation with static analysis and other formal techniques. Together the Policy Machine and Policy Mediation Architecture comprise an effective system for closing policy gaps in multi-enterprise environments
Keywords :
authorisation; business data processing; information networks; software architecture; Policy Machine; Policy Mediation Architecture; access control policy management; formal techniques; heterogeneous information networks; large enterprise information networks; middleware; multi-enterprise environments; policy mediation; software infrastructures; static analysis; uniform security services; Access control; Authentication; Communication system security; Computer science; Databases; Fasteners; Information security; Mediation; Middleware; NIST;
Conference_Titel :
Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-0859-6
DOI :
10.1109/ACSAC.2000.898863
