Home

Managing Access Control in Large Scale Heterogeneous Networks

Angelos D. Keromytis; Kostas G. Anagnostakis; Sotiris Ioannidis; Michael Greenwald; Jonathan M. Smith

Title:
Managing Access Control in Large Scale Heterogeneous Networks
Author(s):
Keromytis, Angelos D.
Anagnostakis, Kostas G.
Ioannidis, Sotiris
Greenwald, Michael
Smith, Jonathan M.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
Proceedings of the NATO Consultation, Command and Control Interoperable Networks for Secure Communication (INSC '03) Symposium, The Hague, Netherlands, November 4-6, 2003
Abstract:
The design principle of maximizing local autonomy except when it conflicts with global robustness has led to a scalable Internet with enormous heterogeneity of both applications and infrastructure. These properties have not been achieved in the mechanisms for specifying and enforcing security policies. The STRONGMAN (for Scalable TRust Of Next Generation MANagement) system [9], [10] offers three new approaches to scalability, applying the principle of local policy enforcement complying with global security policies. First is the use of a compliance checker to provide great local autonomy within the constraints of a global security policy. Second is a mechanism to compose policy rules into a coherent enforceable set, e.g., at the boundaries of two locally autonomous application domains. Third is the "lazy instantiation" of policies to reduce the amount of state that enforcement points need to maintain. In this paper, we focus on the issues of scalability and heterogeneity.
Subject(s):
Computer science
Item views:
44
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use