Previous section.

Common Security: CDSA and CSSM
Copyright © 1997 The Open Group

Screening Requests Based on Simple Policies

Given a verified system-wide policy definition, a policy enforcer must screen application requests for security services. The policy enforcer simply accepts or rejects each request based on the policy defined in the manifest. In the layered CDSA architecture, there are four candidates to perform policy enforcement:

To screen its own security service requests, an application must have a priori knowledge of the system-wide policy, runtime knowledge of the execution environment, and a willingness to follow the rules. Embedding the policy in the application makes the system-wide policy static. This approach also raises a concern about consistency of policy interpretation and enforcement when each application performs this task. It is often counter-productive for applications to screen/control their own security service request stream.

Each add-in security service module could screen the application requests it receives. This leads to the same problems and concerns encountered with applications screening their own requests. It is also a burden that CSSM should be able to remove from the module vendor community.

The remaining two options, CSSM and special add-in modules that perform policy evaluation, can be used in combination or alone to screen application requests according to a system-wide policy.

Simple Policies

CSSM can provide screening for simple policies. A policy is deemed simple if all of the following hold:

CSSM Mechanisms Supporting Simple Policies

When CSSM is installed on a system, it can receive a verifiable description of a system-wide policy specification. Three existing CSSM mechanisms are enhanced to support enforcement of that system-wide policy:

CSSM enforces simple system-wide policies by screening function calls against:

This mechanism is:

Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.
You should also read the legal notice explaining the terms and conditions relating to the CDSA documentation.

Contents Next section Index