Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions

Konstantin Beznosov

16 October 2005

Abstract: Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. However, the adoption of secure distributed applications by commercial and government organizations is considerably hampered by the prohibitively high cost of ownership and the inability to support real-world security requirements adequately. New methods for designing security mechanisms for large-scale distributed applications to enable both lowering the ownership cost of the applications and making them more adequate for real-world security requirements are necessary. In this talk, I will discuss plans for near term research on testing the hypothesis that the attribute function (AF), which I have recently proposed, allows effective use of application-specific factors in security policy decisions without expensive coupling between the decision function and the application. An addition to the traditional decision and enforcement functions present in most security mechanisms (e.g., access control, data protection, and security audit), AF is introduced to provide application-specific information to these functions.

Keyword(s): attribute function ; object security attributes ; access control ; Engineering Security Mechanisms

Published in: Konstantin Beznosov, "Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions," presentation given to the SEEDS, ECE, UBC, Vancouver, BC, Canada, ECE, UBC, 16 September, 2003. :

The record appears in these collections:
Engineering Security Mechanisms
Engineering Secure Software

 Record created 2009-04-27, last modified 2013-05-22

Transfer from CDS 0.99.7:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)