Sciweavers

DISCEX
2003
IEEE

Dynamic Authorization and Intrusion Response in Distributed Systems

14 years 5 months ago
Dynamic Authorization and Intrusion Response in Distributed Systems
This paper¢ presents an authorization framework for supporting fine-grained access control policies enhanced with light-weight intrusion/misuse detectors and response capabilities. The framework intercepts and analyzes access requests and dynamically adjustssecurity policies to prevent attackers from exploiting application level vulnerabilities. We present a practical, flexible implementation of the framework based on the Generic Authorization and Access Control API (GAA-API) that provides dynamic authorization and intrusion response capabilities for many applications. To evaluate our approach, we integrated the API with several applications, including Apache web server [12], sshd and FreeS/WAN IPsec for Linux. This paper demonstrates the integration of the GAA-API into ssh daemon. By integrating the GAA-API into sshd, the ssh server can support fine-grained authorization policies, dynamic policy update, and application level intrusion detectionand response. The server can also en...
Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim
Added 04 Jul 2010
Updated 04 Jul 2010
Type Conference
Year 2003
Where DISCEX
Authors Tatyana Ryutov, B. Clifford Neuman, Dong-Ho Kim
Comments (0)