16th Annual Computer Security Applications Conference
December 11-15, 2000
New Orleans, Louisiana


Implementing Security Policies Using the Safe Areas of Computation Approach

André L. M. dos Santos & Richard A. Kemmerer
University of California, Santa Barbara
USA

The World Wide Web is playing a major role in reducing business costs and in providing convenience to users. Digital Libraries capitalize on this technology to distribute documents that are stored on their servers. Online banks capitalize on this technology to reduce their operating costs and to offer 24-hour services to their clients. These two services are examples of services that require a high degree of security. Therefore, they require a higher level of protection than that provided by the existing technologies commonly used on the World Wide Web.

An approach that can be used to protect Internet transactions, called Safe Areas of Computation, was described in an earlier ACSAC paper. This paper describes the access control lists used by the Safe Areas of Computation approach, the operations on these access control lists supported by the approach, and how the access control lists can be customized for implementing many different security policies. This paper also describes example policies that can be used to protect Digital Libraries and Online Bank services. The paper uses the bank services as an example of how the generic security policies supported by the SAC approach can be composed.
