Options for the Policy Server Component of the DRDC Architecture for Secure Access Management

Authors
  1. Bacic, E.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);Cinnabar Networks, Ottawa Ont (CAN)
Abstract
Defence R&D Canada – Ottawa (DRDC Ottawa) has implemented a proof-of-concept system that combines Privilege Management Infrastructure (PMI) technology and Public Key Infrastructure (PKI) technology to demonstrate a caveat separation capability for the defence environment. A key component of the demonstrated system is a policy server product that provides content-based security. This paper examines alternative products and solutions to the current policy server that would be consistent with the existing policy component of the proof-of-concept. This paper discusses existing technologies from industry, academia, and military & research laboratories as well as the possibilities and complexities of designing and implementing a work-alike replacement.
Keywords
Policy engines;Bell-LaPadula;Computer policies;Security policies;Policy models;Programmable policies;Network policies;Authorization;Policy based management;Policy Specification Language;Policy deployment;Policy interpreter;Domain security;Access control;Access management;Privilege Management Infrastructure;Public Key Infrastructure;Network security;Authorization
Report Number
DRDC-OTTAWA-CR-2003-082 — Contractor Report
Date of publication
01 Apr 2003
Number of Pages
76
DSTKIM No
CA022721
CANDIS No
519724
Format(s):
Hardcopy;Diskette;Electronic Document(PDF)
