Re: Barring Bros Was:Re: SLL protocol implementation ?

• To: www-security@ns2.rutgers.edu
• Subject: Re: Barring Bros Was:Re: SLL protocol implementation ?
• From: Kenneth Rowe <kerowe@cs.umbc.edu>
• Date: Tue, 28 Feb 1995 22:08:30 -0500
• Reply-To: www-security@ns2.rutgers.edu

There are many types of integrity models.  Actually, I like the 
way the NIST/ECMA TR46 (Software Engineering Frameworks) document
categorizes "security".  The call it "Policy Enforcement" and 
break it into three areas: Confidentiality, Integrity, and Conformance.
Under each are Mandatory and Discretionary policies.

It would be nice to see the Web community start to deal with "security"
on a holistic basis.  Really need to develop some example business models
and define the Policy Enforcement attributes.  I seem to remember 
Jeff Hostetler (Spyglass) advocating that kind of an idea.

Ken.
----------------------------------------------------------
Kenneth Rowe			kerowe@cs.umbc.edu
434 Shipley Road		rowe@prairienet.org
Linthicum, MD 21090		Rowe@dockmaster.ncsc.mil
(410) 859-8487 (home)
----------------------------------------------------------

• Previous: Re: SLL protocol implementation ?
• Next: Common Key Ring file format - update
• Index(es):
  • Index
  • Thread