5th European Symposium on Research in Computer Security (ESORICS 98)

Dealing with Multi-policy Security in Large Open Distributed Systems

Christophe Bidan, Valérie Issarny

Abstract : From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on different possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of different security policies in distributed architectures. We introduce a model for specifying security policies in terms of security domains, access control and information flow rules. Then, we identify the set of operators for combining the specifications of sub-policies and we address the validity of the resulting policy according to the security properties of the sub-policies.

(Pages 51-66)

