A key issue in authorization services and computer security in general is the definition of security policies [1]. To help define security policies we have developed a new policy language for authorization systems (PLAS), and a framework in which to apply it. This paper describes the PLAS framework and shows how can it be used within current fields of research in IT security such as protection against downloadable code and in intrusion-detection systems.
[1] Jean E. Smith and Fred W. Weingarten, editors. "Research Challenges for the Next Generation Internet". Computing Research Association, May 1997.
Report from the Workshop on Research Directions for the Next Generation Internet.
By: J. L. Abad-Peiro, H. Debar, T. Schweinberger, and P. Trommler
Published in: RZ3126 in 1999
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .