Separation of protection and security

In computer science, the separation of protection and security is a design choice. Wulf et al. identified protection as a mechanism and security as a policy,[1] which makes the protection-security distinction a particular case of the separation of mechanism and policy principle.

Overview

Adopting this distinction in a computer architecture usually means that protection is provided as a fault tolerance mechanism by hardware/firmware and the kernel, whereas the operating system and applications implement their own security policies. In this design, security policies therefore rely on the protection mechanisms and on additional cryptographic techniques.

The major hardware approach[2] to security or protection is the use of hierarchical protection domains. A prominent example of this approach is the ring architecture with "supervisor mode" and "user mode".[3] Such an approach adopts a policy already at the lower levels (hardware/firmware/kernel), forcing the rest of the system to rely on it. Therefore, choosing to distinguish between protection and security in the overall architecture design implies rejecting the hierarchical approach in favour of another one, capability-based addressing.[1][4]

Design models with the separation

The models with the protection and security separation are: access matrix, UCLA Data Secure Unix, take-grant and filter.
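The mechanism/policy split described in the overview, with the access matrix model listed above supplying the policy, as an added Python example that is not from the original article: a toy kernel that only checks unforgeable capability tokens (the protection mechanism), and a separate access-matrix layer that decides which capabilities each subject receives (the security policy). All class, subject and object names are constructed for illustration.

```python
import secrets

class ProtectionKernel:
    """Mechanism layer (hardware/kernel role): checks capability tokens.
    It knows no users or rules, only whether a token was minted here."""
    def __init__(self, objects):
        self.objects = dict(objects)   # object name -> content
        self.caps = {}                 # token -> (object name, rights)

    def mint(self, obj, rights):
        token = secrets.token_hex(16)  # unforgeable: random and kernel-held
        self.caps[token] = (obj, frozenset(rights))
        return token

    def access(self, token, right):
        entry = self.caps.get(token)
        if entry is None or right not in entry[1]:
            raise PermissionError(f"capability does not grant {right}")
        return self.objects[entry[0]]

class AccessMatrixPolicy:
    """Policy layer (OS/application role): an access matrix of
    subject -> object -> rights, realised as kernel-minted capabilities."""
    def __init__(self, kernel, matrix):
        self.kernel, self.matrix = kernel, matrix

    def provision(self, subject):
        # One capability per allowed matrix cell; policy edits never touch the kernel.
        return {obj: self.kernel.mint(obj, rights)
                for obj, rights in self.matrix.get(subject, {}).items()}

def demo():
    # Constructed scenario: two subjects, two objects, one policy.
    k = ProtectionKernel({"payroll.db": "salaries", "motd": "welcome"})
    policy = AccessMatrixPolicy(k, {
        "alice": {"payroll.db": {"read", "write"}, "motd": {"read"}},
        "bob": {"motd": {"read"}}})
    alice, bob = policy.provision("alice"), policy.provision("bob")
    out = {"alice_reads_payroll": k.access(alice["payroll.db"], "read"),
           "bob_reads_motd": k.access(bob["motd"], "read"),
           "bob_has_payroll_cap": "payroll.db" in bob}
    # Denied cases: a right the capability lacks, and a forged token.
    for name, tok, right in (("bob_writes_motd", bob["motd"], "write"),
                             ("forged_token", "0" * 32, "read")):
        try:
            k.access(tok, right)
            out[name] = "allowed"
        except PermissionError:
            out[name] = "denied"
    return out
```

Swapping the access matrix for any other policy (for example a take-grant graph) only changes which tokens get minted; the kernel's `access` check stays the same, which is the point of the separation.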

Design models without the separation

The models without such separation are: high-water mark, Bell–LaPadula (original and revisited), information flow, strong dependency and constraints.[5]

Notes

  1. Wulf 74, pp. 337-345
  2. Swift 2005, p. 26
  3. Intel Corporation 2002
  4. Houdek et al. 1981
  5. Landwehr 81, pp. 254, 257; a table on p. 273 shows which computer security models separate the protection mechanism from the security policy

Wikimedia Foundation. 2010.
