Filling a Gap in Security Practice
Gio Wiederhold
Stanford University
Filling a Gap in Security Practice
:
Dominant approach
Remaing Issue: �Assuring Secure Collaboration
Collaboration Needs:
The Gap: Assumption that �Acess right = Retrievable data
Expected Problems
Model: Interoperating Domains
Security Mediator
Agents and Privacy
Security Officer
PP Presentation
Roles
Overall Schematic
Security Officer Functions
Rules implement policy
Coverage of Access Paths
A mediator is not just �static software
Software Components
Rule system
PP Presentation
Security Mediator Benefits
TIHI Summary
Backup slides
Application of Rules
General mediation approach: �isolate value-added processing
Rules for Security Mediators
Rule Processing
The Rule Language
The Rule Language - Features...
Rule Type Examples
Rules... (continued)
Security Table Definition
Security Table Definition... (continued)
Rule application - Overview
Implementation
Implementation... (continued)
System Operations