Dynamic authorization and intrusion response in distributed systems

Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003

Volumn 1, Issue , 2003, Pages 50-61

  Ryutov, T ^a   Neuman, C ^a   Kim, D ^a  

^a UNIVERSITY OF SOUTHERN CALIFORNIA   (United States)

Author keywords

Access control; Authorization; Computer crime; Information security; Intrusion detection; Linux; Permission; Web and internet services; Web server; Wide area networks

Indexed keywords

ACCESS CONTROL; APPLICATION PROGRAMMING INTERFACES (API); COMPUTER CRIME; COMPUTER OPERATING SYSTEMS; GALLIUM ALLOYS; INTERNET; INTERNET PROTOCOLS; LINUX; MERCURY (METAL); NETWORK SECURITY; SECURITY OF DATA; SOCIAL NETWORKING (ONLINE); WEB SERVICES; WIDE AREA NETWORKS; WORLD WIDE WEB;

ACCESS CONTROL POLICIES; AUTHORIZATION; AUTHORIZATION AND ACCESS CONTROL; AUTHORIZATION FRAMEWORKS; INTERNET SERVICES; INTRUSION DETECTION AND RESPONSE; PERMISSION; WEB SERVERS;

INTRUSION DETECTION;

EID: 15944422261     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DISCEX.2003.1194872     Document Type: Conference Paper

References (13)

1. M. Blaze, J. Feigenbaum and J. Lacy. Decentralized Trust Management. Proceedings IEEE Symposium on Security and Privacy, IEEE Computer Press, Los Angeles, pages 164-173, 1996.
2. M. Blaze, J. Feigenbaum and M. Strauss. Compliance Checking in the Policy Maker Trust Management System. In Proceedings of the Financial Cryptography '98, Lecture Notes in Computer Science, volume 1465, pages 254-274.
3. M. Carney and B. Loe. A Comparison of Methods for Implementing Adaptive Security Policies. In Proceedings of the 7th USENIX Security Symposium, pages 1-14, January, 1998.
4. N. Damianou, N. Dulay, E. Lupu and M. Sloman. The Ponder Policy Specification Language. In Proceedings of the Workshop on Policies for Distributed Systems and Networks, Springer-Verlag LNCS 1995, pages 18-39, Bristol, UK, January, 2001.
5. R. J. Hayton, J. M. Bacon and K. Moody. OASIS: Access Control in an Open, Distributed Environment. Proceedings of the IEEE Symposium on Security and Privacy, pages 3-14, Oakland, CA, May 1998.
6. S. Jajodia, P. Samarati and V.S. Subrahmanian. A logical Language for Expressing Authorizations. Proceedings of the 1997 IEEE Symposiumon Security and Privacy, 1997.
7. T. F. Lunt. A Survey of Intrusion Detection Techniques. Computers and Security, volume 12, pages 405-418, June 1993.
8. N. Minsky and V. Ungureanu. Unified Support for Heterogeneous Security Policies in Distributed Systems. In 7th USENIX Security Symposium, San Antonio, Texas, January 1998.
9. N. Minsky and V. Ungureanu. Law-Governed Interaction: A Coordination & Control Mechanism for Heterogeneous Distributed Systems. In ACM Transactions on Software Engineering and Methodology (TOSEM), Vol 9, No 3, pages 273-305, July 2000.
10. B.C. Neuman. Proxy-based authorization and accounting for distributed systems. In Proceedings of the 13th International Conference on Distributed Computing Systems, Pittsburgh, May 1993.
11. B.C. Neuman and T. Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications Magazine, pages 33-38, September 1994.
12. T. V. Ryutov, B. C. Neuman, Li Zhou and Dongho Kim. Integrated Access Control and Intrusion Detection for Web Servers. In Proceedings of the 23rd International Conference on Distributed Computing Systems, Providence, Rhode Island, May 2003.
13. R. Sandhu and P. Samarati. Authentication, Access Control, and Intrusion Detection. The Computer Science and Engineering Handbook, pages 1929-1948, CRC Press, 1997.