000000030 001__ 30
000000030 005__ 20130522141956.0
000000030 037__ $$aLERSSE-PRESENTATION-2005-013
000000030 041__ $$aeng
000000030 100__ $$aKonstantin Beznosov
000000030 245__ $$aAttribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions
000000030 260__ $$c2005-10-16
000000030 520__ $$aSecurity is an essential feature and foremost concern to Internet and enterprise distributed software applications. However, the adoption of secure distributed applications by commercial and government organizations is considerably hampered by the prohibitively high cost of ownership and the inability to support real-world security requirements adequately. New methods for designing security mechanisms for large-scale distributed applications to enable both lowering the ownership cost of the applications and making them more adequate for real-world security requirements are necessary. In this talk, I will discuss plans for near term research on testing the hypothesis that the attribute function (AF), which I have recently proposed, allows effective use of application-specific factors in security policy decisions without expensive coupling between the decision function and the application. An addition to the traditional decision and enforcement functions present in most security mechanisms (e.g., access control, data protection, and security audit), AF is introduced to provide application-specific information to these functions.
000000030 6531_ $$aattribute function
000000030 6531_ $$aobject security attributes
000000030 6531_ $$aaccess control
000000030 6531_ $$aEngineering Security Mechanisms
000000030 8560_ $$fqiangw@ece.ubc.ca
000000030 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/30/files/30.pdf$$yTransfer from CDS 0.99.7
000000030 909C4 $$pKonstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003.
000000030 980__ $$aPRESENTATION