SBIR-STTR Award

Composing Security Policies
Award last edited on: 4/11/02

Sponsored Program
SBIR
Awarding Agency
DOC : NIST
Total Award Amount
$249,959
Award Phase
2
Solicitation Topic Code
-----

Principal Investigator
Serban Gavrila

Company Information

V D G Inc

5023 Frew Street Suite 4A
Pittsburgh, PA 15213
Phone: (412) 621-1071
Location: Single
Congr. District: 18
County: Allegheny

Phase I

Contract Number: ----------
Start Date: 00/00/00    Completed: 00/00/00
Phase I year
1997
Phase I Amount
$49,965
The research proposed herein is intended to solve two problems, namely (1) to define a specification framework for access control policies that enables policy composition for both centralized and distributed systems in a precise and systematic manner, and (2) to explore the impact of different security architectures on policy composition. Although most commercial systems support applications that implement their own security policies, which are composed with base system policies, the result of such composition is generally unknown and can often lead to security exposures. To date, the precise and systematic characterization of centralized and distributed security policies composed from independently specified policies remains an elusive goal. Furthermore, a precise analysis of the relative advantages of different system architectures in the policy composition area has not been available to date; e.g., none of the commercially available microkernel-based operating systems implement security policies in a modular manner that would facilitate policy composition. The overall objective of this project is to develop a security policy specification method and tools that would enable the precise definition and composition of different security policies for commercial products using different security architectures.

Commercial applications: The security policy specification method and tools, when fully implemented, will provide a significant measure of confidence in the integrity and security of computer systems and networks. As such, they will be marketed to both software producers and security evaluation service providers to make possible precise, systematic development and analysis of simple and composed access control policies, and to help eliminate design and implementation flaws that can lead to security exposures. The method and tools will facilitate the development of access-control policy profiles by any business or government organization under the framework of the Common Criteria for IT security technology.

Phase II

Contract Number: ----------
Start Date: 00/00/00    Completed: 00/00/00
Phase II year
1998
Phase II Amount
$199,994
The overall objective of this research project is to develop a general administrative method and tool for the definition and composition of access control policies in centralized and distributed computer systems. Specifically, the administrative method and tool will allow the definition and composition of a family of separation-of-duty (SoD) policies in role-based access control (RBAC) systems. The method and tool will be general in the sense that they will allow the definition and composition of a family of SoD policies on different RBAC systems. Although most commercial computer systems support applications that implement their own security policies, which are composed with the underlying operating system policy, the result of such composition, and that of composing different application policies with each other within the same system, is generally unknown and can often lead to security exposures. To date, the systematic definition of families of application-oriented security policies, such as separation of duty, and their composition remains an elusive goal because of the lack of practical methods and administrative tools. The growing commercial interest in this area is largely due to the widespread recognition that Web servers may need to support different application policies atop common operating system platforms and networks.

Commercial applications: The security policy definition and composition method and tool, when fully implemented, will provide a significant measure of confidence in the integrity and security of computer systems and network (e.g., World Wide Web) applications. As such, they will be marketed to both software producers and security service providers to make possible the enforcement and administration of single and composed separation-of-duty policies, and to help eliminate errors that lead to security exposures. The security policy definition and composition method and tool will also facilitate the development of separation-of-duty profiles by any industry, business, or government organization under the framework of the Common Criteria for information security technology.
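Both abstracts turn on the same observation: an application policy and a base system policy can each be consistent on their own, yet their composition violates a separation-of-duty constraint that neither policy checked against the other's assignments. The following Python is an added illustration of that failure mode and of the check a composition tool needs; it is not the VDG method or tool. It models static SoD in the form used by the ANSI RBAC standard, a constraint (role set, n) meaning no user may be assigned n or more roles from the set. The policy names, users and roles below are constructed sample data.

```python
"""Static separation-of-duty (SSD) checking across composed RBAC policies.

Added example, not the award's tool. Constraint form (roles, n): a user
violates the constraint if assigned n or more roles from `roles`.
All sample policies are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple


@dataclass(frozen=True)
class SsdConstraint:
    roles: FrozenSet[str]   # mutually constrained role set
    n: int                  # a user may hold at most n-1 of these roles

    def violated_by(self, held: Set[str]) -> bool:
        return len(held & self.roles) >= self.n


@dataclass
class RbacPolicy:
    name: str
    user_roles: Dict[str, Set[str]] = field(default_factory=dict)  # user -> roles
    constraints: Set[SsdConstraint] = field(default_factory=set)

    def violations(self) -> List[Tuple[str, SsdConstraint]]:
        """Return (user, constraint) for every SSD violation in this policy."""
        found = []
        ordered = sorted(self.constraints, key=lambda c: sorted(c.roles))
        for user in sorted(self.user_roles):
            held = self.user_roles[user]
            for c in ordered:
                if c.violated_by(held):
                    found.append((user, c))
        return found


def compose(*policies: RbacPolicy) -> RbacPolicy:
    """Compose policies as the union of their assignments and constraints.

    The composite must be re-checked: a constraint contributed by one policy
    can be violated by a role assignment that another policy made.
    """
    composite = RbacPolicy(name="+".join(p.name for p in policies))
    for p in policies:
        for user, roles in p.user_roles.items():
            composite.user_roles.setdefault(user, set()).update(roles)
        composite.constraints |= p.constraints
    return composite


def safe_to_compose(*policies: RbacPolicy) -> bool:
    """True only if every input and the composite are free of SSD violations."""
    return all(not p.violations() for p in policies) and not compose(*policies).violations()


# Constructed sample: a base (operating system) policy and an application policy.
BASE = RbacPolicy(
    name="base-os",
    user_roles={"alice": {"auditor"}, "bob": {"operator"}},
    constraints={SsdConstraint(frozenset({"auditor", "clerk"}), 2)},
)
APP = RbacPolicy(
    name="payments-app",
    user_roles={"alice": {"clerk"}, "bob": {"clerk"}},
    constraints={SsdConstraint(frozenset({"clerk", "approver", "operator"}), 2)},
)

if __name__ == "__main__":
    for p in (BASE, APP, compose(BASE, APP)):
        print(p.name, "violations:", [(u, sorted(c.roles), c.n) for u, c in p.violations()])
    print("safe to compose:", safe_to_compose(BASE, APP))
```

Each policy passes its own check, because the base policy never sees the application's clerk assignments and the application never sees the base policy's auditor and operator assignments. Only the composite reveals that alice holds both auditor and clerk and bob holds both clerk and operator, which is exactly the "unknown result of composition" the abstracts describe. Composing by union is one deliberate choice; a policy framework must also state whether constraints from the base policy override, extend, or are overridden by application constraints, and that choice changes what the checker must verify.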