Browser unable to execute script; please use the site map to navigate the site.

A Configurable Security Architecture Prototype

Hardy and Olivier


(Citation)Citation information

A. Hardy and M. S. Olivier. “A Configurable Security Architecture Prototype”. In: Data and Applications Security — Developments and Directions. Ed. by B. Thuraisingham, R. P. van de Riet, K. R. Dittrich, and Z. Tari. Kluwer, 2001, pp. 51–62


Traditional security systems are integrated closely with the applications that they protect or they are a separate component that provides system protection. As a separate component, the security system may be configurable and support various security models. The component does not directly support the application. Instead, operating system objects (such as files) are protected. Security systems that are integrated with the applications that they protect avoid this shortcoming, but are usually not configurable. They also cannot provide the same level of protection that a system provided security component can enforce, as the application does not have access to the hardware that supports these features. The Configurable Security Architecture (ConSA [1]) defines an architecture that provides the flexibility of a system security component while still supporting application security. Such an architecture provides obvious benefits. Security policies can be constructed from off-the-shelf components, supporting a diverse array of security needs. Before this or a similar architecture can be accepted by the industry, the concept must be proven to work theoretically and practically. Olivier [1] has developed the theoretical model and illustrates its usefulness. This paper describes an implementation of ConSA and in so doing, proves that ConSA can be implemented in practice.

(Full text; password required)Full text

A pre- or postprint of the publication is available at
Note that a username and password are required to download the full text. (Why?) Please e-mail me and I will send you a username and password.

(Authoritative version on publisher's site)Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.1007/0-306-47008-X_5

(BibTeX record)BibTeX reference

author={Alexandre Hardy and Martin S Olivier},
title={A Configurable Security Architecture Prototype},
editor={Bhavani Thuraisingham and van de Riet, Reind P and Klaus R Dittrich and Zahir Tari},
booktitle={Data and Applications Security --- Developments and Directions},
year={2001} )