A Configurable Security Architecture Prototype

Hardy and Olivier


Citation information

A. Hardy and M. S. Olivier. “A Configurable Security Architecture Prototype”. In: Data and Applications Security — Developments and Directions. Ed. by B. Thuraisingham et al. Kluwer, 2001, pp. 51–62


Traditional security systems are integrated closely with the applications that they protect or they are a separate component that provides system protection. As a separate component, the security system may be configurable and support various security models. The component does not directly support the application. Instead, operating system objects (such as files) are protected. Security systems that are integrated with the applications that they protect avoid this shortcoming, but are usually not configurable. They also cannot provide the same level of protection that a system provided security component can enforce, as the application does not have access to the hardware that supports these features. The Configurable Security Architecture (ConSA [1]) defines an architecture that provides the flexibility of a system security component while still supporting application security. Such an architecture provides obvious benefits. Security policies can be constructed from off-the-shelf components, supporting a diverse array of security needs. Before this or a similar architecture can be accepted by the industry, the concept must be proven to work theoretically and practically. Olivier [1] has developed the theoretical model and illustrates its usefulness. This paper describes an implementation of ConSA and in so doing, proves that ConSA can be implemented in practice.

Full text

A pre- or postprint of the publication is available at https://mo.co.za/ask/protcons.pdf.
Note that a username and password are required to download the full text. (Why?)Please e-mail me and I will send you a username and password.

Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.1007/0-306-47008-X_5

BibTeX reference

author={Alexandre Hardy and Martin S Olivier},
title={A Configurable Security Architecture Prototype},
editor={Bhavani Thuraisingham and van de Riet, Reind P and Klaus R Dittrich and Zahir Tari},
booktitle={Data and Applications Security --- Developments and Directions},
year={2001} )

[Publications] [Home]
Page maintained by Martin Olivier
Record refreshed: October 31, 2019

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.