Dealing with Multi-Policy Security in Large Open Distributed Systems
Résumé
From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on different possibly inconsistent security policies. This paper proposes a practical approach for dealing with the coexistence of different security policies in distributed architectures. We introduce a model for specifying security policies in terms of security domains and access control rules. Then, we identify the set of operators for combining the specifications of sub-policies and we address the validity of the resulting policy according to the security properties of the sub-policies.