Abstract
This paper presents the concept of roaming security agents and shows how it can enable intelligent access control and transparent network protection in distributed computer environments. The security agents are called roaming because they accompany access requests and its resultant information throughout the distributed environment. The paths followed by, the access requests and its resultant information, are also logged by the security agent in an internal data store, called baggage. With the capability to refer to the baggage it is possible to define intelligent access control and network protection rules for access requests and its resultant information within the distributed environment. These access control rules and network protection rules are also held by the accompanying security agent. Protection is therefore transparent to the user, because the agents travel with the access requests and resultant information, and protects it on its path as the need arises (as specified by the protection rules). This paper describes the above concepts in more detail.
Chapter PDF
Similar content being viewed by others
Keywords
References
WH Boshoff and SH von Solms, “A Path Context Model for Addressing Security in Potentially Non-secure environments”, Computers & Security, v8 1989.
WH Boshoff and SH von Solms, “Application of a path context approach to computer security fundamentals”, Security, Butterworth & Heinemann, v12 n2, 1990.
P van Zyl and SH von Solms, “MOSS - A Model for Open Systems Security”, Proceedings of IFIP Sec’94.
ISO 7498–2, “Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture”, 1989.
R Orfali, D Harkey and J Edwards, “The Essential Distributed Objects”, Survival guide, John Willey & Sons, Inc, 1996.
CP Phleeger, “Security in Computing”, Prentice-hall International editions, 1989.
http://www.microsoft.com/ “NT Workstation and NT Server Security”, Sept 1996
http“//www.microsoft.com/ ”Cairo, Distributed Objects, OLE, COM, etc.“, Sept 1996
http://www.microsoft.com/ “Private Communications Technology”, Sept 1996
http://www.ibm.com/ “RACF Overview”, Sept 1996
http://www.ibm.com/ “AIX Security”, Sept 1996
http://www.ibm.com/ “CORBA”, Sept 1996 [13] ISO 7498–1, “Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 1”, 1983
ISO 7498–2, “Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture”, 1989.
http://www.osf.org/ “The Open Software Foundation DCE (Distributed Computing Environment) DFS (Distributed File System)”, Sept 1996
http://www.sun.com/ “SUN’s Network File Service (NFS)”, Sept 1996
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
van Zyl, P.W.J., von Solms, S.H. (1997). Roaming security agents enabling intelligent access control and network protection. In: Yngström, L., Carlsen, J. (eds) Information Security in Research and Business. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35259-6_37
Download citation
DOI: https://doi.org/10.1007/978-0-387-35259-6_37
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5481-0
Online ISBN: 978-0-387-35259-6
eBook Packages: Springer Book Archive