CHAOS: An Active Security Mediation System (2000) [5 citations — 2 self]
Abstract:
Abstract. With the emergence of the Internet, collaborative computing has become more feasible than ever. Organizations can share valuable information among each other. However, certain users should only access certain portions of source data. The CHAOS (Configurable Heterogeneous Active Object System) project addresses security issues that arise when information is shared among collaborating enterprises. It provides a framework for integrating security policy specification with source data maintenance. In CHAOS, security policies are incorporated into the data objects as active nodes to form active objects. When active objects are queried, their active nodes are dynamically loaded by the active security mediator and executed. The active nodes, based on the security policy incorporated, can locate and operate on all the elements within the active object, modifying the content as well as the structure of the object. A set of API’s is provided to construct more complex security policies, which can be tailored for different enterprise settings. This model moves the responsibility of security to the source data provider, rather than through a central authority. The design provides enterprises with a flexible mechanism to protect sensitive information in a collaborative computing environment.
