Academic Commons

Reports

The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET

Cheng, Yuu-Heng; Alexander, D. Scott; Poylisher, Alex; Raykova, Mariana Petrova; Bellovin, Steven Michael

Zodiac (Zero Outage Dynamic Intrinsically Assurable Communities) is an implementation of a high-security MANET, resistant to multiple types of attacks, including Byzantine faults. The Zodiac architecture poses a set of unique system security, performance, and usability requirements to its policy-based management system (PBMS). In this paper, we identify theses requirements, and present the design and implementation of the Zodiac Policy Subsystem (ZPS), which allows administrators to securely specify, distribute and evaluate network control and system security policies to customize ZODIAC behaviors. ZPS uses the Keynote language for specifying all authorization policies. We also present a simple extension of the Keynote language to support obligation policies.

Subjects

Files

More About This Work

Academic Units
Computer Science
Publisher
Department of Computer Science, Columbia University
Series
Columbia University Computer Science Technical Reports, CUCS-023-09
Published Here
July 12, 2010
Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.