Home · About · A-Z Index · Search · Contacts · Press · Register · LoginSecurity Forum |
Return to Security home pageCurrent work:- MGIS - PKI Useful links: |
Distributed Security FrameworkThe distributed security framework XDSF (Dec 1994) was the primary guiding document in the development and use of security technologies that were being delivered over the following few years. This framework not only defined the type of security services that would be made available and how, but also provided advice to designers and implementors of specifications in other areas of technology, so that they could take proper advantage of these security services, thus enabling the development of a secure distributed open systems platform. In January 1997, XDSF was replaced by Security Survival - Source Book from The Open Group. Work is currently underway in the Security Forum to develop a new architecture for security, using patterns. This work will result in publication of a Guide to Scurity Patterns (GSP) at the end of 2001. The Security Forum's strategy is to define generic security APIs that are independent of specific underlying security mechanisms. This approach in the XDSF is illustrated in the diagram below:
A consequence of trying to fit all the elements into the diagram, yet retain legibility, was that elements of the Basic Security Services such as Key Management and Security Administration appeared to be layered below the others, in the diagram above. There was however no such layering implied by the Distributed Security Framework. Each security service was required to have both operational interfaces for the invocation of security-related activities, and administrative interfaces for the control and configuration of those services.
This XDSF document also discussed the ways in which the users of the security services; i.e. the applications or platform services, could make use of the services. Such users were roughly categorised into those that are either:
Briefly, security unaware users of the security services are those that are completely unaware of, and unconcerned with, security issues. For example, an application that made use of a platform networking service may use that service without reference to the level of security that is supported by the platform service. Consequently, the following points arose:
Security aware users of the security services were those that required that they were supported by adequate security services, but made no assumptions as to the level of security support that, for instance, a platform service such as networking, would provide. This implied that the user entity may either:
|
Home · Contacts · Legal · Copyright · Members · News |
|||
© The Open Group 1995-2020 |
|||
|