Scalable Access Policy Administration: Opinions and a Research Agenda
October 2005
Arnon Rosenthal, The MITRE Corporation
ABSTRACT
The emerging world of large, loosely coupled information systems requires major changes to the way we approach security research. For many years, we have proposed construct after construct to enhance the power and scope of policy languages. Unfortunately, this focus has led to models whose complexity is unmanageable, to reinventing technologies that other subdisciplines have done better, and to assumptions that large enterprises simply do not satisfy. We argue that it is time to emphasize a different challenge: radical scale-up. To achieve this, it will be crucial to emphasize simplicity, integration with (non-security) enterprise knowledge, and modularity for both models and administration. This position paper will illustrate the problems, and describe possible ways to achieve the desired capabilities.
» Download Paper [PDF, 294KB]
Additional Search Keywords
Policy administration; access policy; scale; role based access control; semantic web; simplicity; security; privacy
|
