Abstract
Implementing a security policy has to cope with the diversity of communication requirements and applications. We present a policy oriented approach from the observation of common problems and characteristics given in networked applications. The solution reduces the trust required into the security system to a single entity. This is done in an application independent manner by fooling the applications and feigning a conventional, insecure networking environment that is further transformed to a secure communication infrastructure.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35515-3_53
Chapter PDF
Similar content being viewed by others
References
European Union: Draft Directive of the European Parliament and of the Council on a common framework for electronic signatures, The European Council, March 1999.
ITU T, The directory authentication framework, International Telecommunication Union, Recommendation X. 509, 1989.
S. Dusse, P. Hoffman, B. Ramsdell, L. Lundblade, L. Repka, S/MIME Version 2 Message Specification, RFC 2311, March 1998.
A. O. Freier, P. Karlton, P. C. Kocher, SSL Protocol, Version 3. 0
S. Salamone, VPN’s Defining Moment: What exactly is it?, CPN Media, Internet Week, Issue 749, January 1999.
R. Thayer, Bulletproof IP: With authentication and encryption IPSec adds a layer of armour to IP, CMP Net, November 1997, online available at http://www.data.com/tutorials/bullet.html
S. Deering, R. Hinden, Internet Protocol, Version 6 (Ipv6) Specification, RFC 2460, draft standard, December 1998.
MSDN, Introducing Active Server Pages, Microsoft Developer Network, 1999.
Netscape Corporation, Client-Side JavaScript Specification, Version 1. 3, 1998.
W3C, Can one Website hijack anothers content?, the WWW Security FAQ, Client site security, Q.68, World Wide Web Consortium (W3C), 1999.
C. Oakes, Cache and Carry, Wired News, online available at http://www.wired.com/news/news/technology article 15285, September 1998.
Wired, Email Links Carry Bad Code, Wired News, available at http://www.wired.com/news/news/technology article 14288, August 1998.
M. Leech, M. Ganis, Y. Lee, R. Kuris, SOCKS Protocol Version 5, RFC 1928, proposed standard, April 1996.
J. Postel, Simple Mail Transfer Protocol, RFC 821, standard, August 1982.
J. Myers, M. Rose, Post Office Protocol, Version 3, RFC 1933, standard, May 1996.
IAIK, IAIK JCE 2.5, Java Cryptography Extensions, Reference Manual, 1999.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this paper
Cite this paper
Leitold, H., Lipp, P., Sterbenz, A. (2000). Independent Policy Oriented Layering of Security Services. In: Qing, S., Eloff, J.H.P. (eds) Information Security for Global Information Infrastructures. SEC 2000. IFIP — The International Federation for Information Processing, vol 47. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35515-3_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-35515-3_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5479-7
Online ISBN: 978-0-387-35515-3
eBook Packages: Springer Book Archive