Options for the Policy Server Component of the DRDC Architecture for Secure Access Management: Revision 2006

PDF

Authors
  1. Bacic, E.
  2. Klump, S.
  3. Magar, A.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);Cinnabar Networks, Ottawa Ont (CAN)
Abstract
Defence R&D Canada – Ottawa (DRDC Ottawa) implemented a proof-of-concept system that combines Privilege Management Infrastructure (PMI) technology and Public Key Infrastructure (PKI) technology to demonstrate a caveat separation capability for the defence environment. A key component of the demonstrated system is a policy server product that provides content-based security. This report examines alternative products and solutions for the implemented policy server that would be consistent with the existing policy component of the proof-of-concept system. This report discusses existing technologies from industry, academia, the military, and research laboratories as well as the possibilities and complexities of designing and implementing a work-alike replacement. This report, which is a 2006 revision of a report originally written in 2003, documents progress in policy research over the ensuing three year period.

Il y a un résumé en français ici.

Keywords
Access control policy;authorization;Bell-LaPadula;computer policy;network policies;policy;policy-based management;policy decision;policy distribution;policy enforcement;policy engines;policy implementation;policy interpreter;policy languages;policy logic;policy mediation;policy models;policy processing;policy products;policy research;policy specification;policy specification language;policy standards;programmable policies;security policies
Report Number
DRDC-OTTAWA-CR-2006-166 — Contractor Report
Date of publication
01 Aug 2006
Number of Pages
164
DSTKIM No
CA028193
CANDIS No
526379
Format(s):
CD ROM

Permanent link

Document 1 of 1

Date modified: