Security Policy Coordination for Heterogeneous Information Systems
Pablo Galiasso, Mauricio Papa & Sujeet Shenoi
Washington State University
Keywords: information enclaves, authorization policy, access control, mediators
Coordinating security policies in information enclaves is challenging due to their heterogeneity and autonomy. Administrators must reconcile the semantic diversity of data and security models before negotiating secure interoperation. This paper proposes an architecture that uses mediators and a primitive ticket-based authorization model to manage disparate policies in loosely coupled information system federations. The formal foundation of the architecture facilitates static and dynamic analysis of global consistency and policy enforcement.