Abstract
Even though policy enforcement has been studied from different angles including notation, negotiation and enforcement, the development of an application-semantic aware enforcement architecture remains an open problem. In this paper we present and discuss the design of such an architecture.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Multics (May 2006), http://www.multicians.org/
Trusted Computing Group (May 2006), http://www.trustedcomputinggroup.org/
Arbaugh, W.A., Farber, D.J., Smith, J.M.: A Secure and Reliable Bootstrap Architecture. In: IEEE Security and Privacy Conference, May 1997, pp. 65–71 (1997)
Alexa Web Search Platform (May 2006), http://websearch.alexa.com/welcome.html
Apple iTunes (May 2006), http://www.apple.com/itunes/
The Jail Subsystem, FreeBSD Architecture Handbook (May 2006), http://www.freebsd.org/doc/en_US.ISO8859-1/books/arch-handbook/jail.html
Anderson, J.P.: Computer Security Technology Planning Study. Technical Report ESD-TR-73-51, U.S. Air Force Electronic Systems Division, Deputy for Command and Management Systems, HQ Electronic Systems Division (AFSC), Bedford, Massachusetts, Vol. 2(5869) (October 1972)
Shapiro, J.S., Vanderburgh, J., Northup, E., Chizmadia, D.: Design of the EROS Trusted Window System. In: Proceedings of the 13th USENIX Security Symposium, pp. 165–178 (2004)
Feske, N., Helmuth, C.: A Nitpicker’s guide to a minimal-complexity secure GUI. In: 21st Annual Computer Security Applications Conference (ACSAC 2005), Tucson, Arizona, USA (2005)
Extensible Access Control Markup Language (XACML). OASIS standards, http://www.oasis-open.org/specs/index.php#xacmlv1.0
eXtensible Rights Markup Language (XrML) (May 2006), http://www.xrml.org
Mobach, D.G.A., Overeinder, B.J., Brazier, F.M.T., Dignum, F.P.M.: A Two-tiered Model of Negotiation Based on Web Service Agreements. In: Proceedings of the Third European Workshop on Multi-Agent Systems (EUMAS 2005) (December 2005)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: IEEE Symposium on Security and Privacy, Oakland, CA (May 1996)
Erlingsson, U., Schneider, F.B.: SASI Enforcement of Security Policies: A Retrospective. In: Proceedings New Security Paradigms Workshop, Ontario (September 1999)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29.2, 38–47 (1996)
Graubert, R.: On the Need for a Third Form of Access Control. In: Proceedings of the 12th National Computer Security Conference, October 1989, pp. 296–304 (1989)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nair, S.K., Crispo, B., Tanenbaum, A.S. (2009). Towards a Secure Application-Semantic Aware Policy Enforcement Architecture. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2006. Lecture Notes in Computer Science, vol 5087. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04904-0_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-04904-0_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04903-3
Online ISBN: 978-3-642-04904-0
eBook Packages: Computer ScienceComputer Science (R0)