Condition-Driven Integration of Security Services

Abstract

Deploying security services is hard. Security services are more readily integrated when they can be added at a single point in a network or at a single layer in the protocol stack. Most of today’s widely deployed security tools are deployed in this manner. Unfortunately this kind of deployment significantly limits the kinds of security policies that can be enforced.

The end-goal of security is to control access to information. Many applications require that access be controlled to pieces of information that are only delineated at the application layer. Enforcement of these policies requires application cognizance of security, and today this means that applications and application protocols must be modified.

This talk advocates extending authorization policy enforcement mechanisms with a means for integrating security services. A simple API for authorization will be described that allows application developers to focus on only the aspect of security that matters to them - whether access should be granted. This allows security service policies (i.e. which security mechanisms are to be used for authentication, payment, audit, etc.) to be enforced through the API without specific knowledge or understanding by the application programmer. As new security services become available, this also allows the new services to be integrated by changing policy, rather than by rewriting the application.

Dr. Neuman will additionally suggest that the policies themselves adapt to perceived network threat conditions, possibly affected by the receipt of audit data at other processes. The use of such policies can assist in detecting and responding to intrusion and misuse and lead to more efficient utilization of all security services.