
Common Security: CDSA and CSSM
Copyright © 1997 The Open Group

Goals and General Approach

The basic goal is to enhance CDSA with transparent support for system-wide, policy-based control of security services in a flexible and extensible manner. This means CSSM cannot hard-wire policy-specific mechanisms into the framework.

Even in the case of stable, long-term policies, policy definition, interpretation, and enforcement can require complex procedures. In response, new mechanisms are continually under development to address these complex policy requirements.

Goals

The goals for an enhanced CDSA include:

Requirements

These CDSA goals generate requirements for enhanced CSSM mechanisms to perform the following services:

Specifying a System-Wide Policy

Policies are stated as a set of restrictions on the use of security services. The restrictions are defined in terms of the attributes of the service being restricted. The primary attribute categories for security services are as follows:

Corporations distinguish service representations in product licensing, and the United States government has detailed definitions of the representation of cryptography. In a broad definition, an implementation is hardware or software that provides the security operation. Technical knowledge is the schematics or source code for the implementation, and technical assistance is the personal assistance given to another person so that they can create an implementation. These do not constitute legal definitions but serve as a guideline to understanding these differences.

Various government entities may consider a cryptographic framework, such as CSSM, to be an implementation of cryptographic services. This may make CSSM subject to the same restrictions as a general-purpose cryptographic library. CSSM is best described as "crypto with a hole": software that provides a common, programmable interface for cryptographic operations, where the cryptography itself is added at a later time. While CSSM does not actually implement cryptographic operations, the enhanced CSSM mechanisms for system-wide policy control of security services may facilitate compliance with these government-defined policies.

Policies governing the use of security services can be defined in terms of any combination of the five aspects listed earlier. Every installation can run distinct system-wide policies. Clearly the CSSM-provided policy compliance mechanism(s) must be flexible, configurable, and relatively trustworthy.

Assumptions and Architectural Approach

The enhanced CDSA design assumes:

Three policy enforcement mechanisms consistent with CDSA are shown in the figure Enhanced Common Data Security Architecture.

These mechanisms include:

CSSM is uniquely positioned architecturally to provide these services, as it:

Figure: Enhanced Common Data Security Architecture
