[Previous] [Next] [Index]
[Thread]
Re: Barring Bros Was:Re: SLL protocol implementation ?
There are many types of integrity models. Actually, I like the
way the NIST/ECMA TR46 (Software Engineering Frameworks) document
categorizes "security". The call it "Policy Enforcement" and
break it into three areas: Confidentiality, Integrity, and Conformance.
Under each are Mandatory and Discretionary policies.
It would be nice to see the Web community start to deal with "security"
on a holistic basis. Really need to develop some example business models
and define the Policy Enforcement attributes. I seem to remember
Jeff Hostetler (Spyglass) advocating that kind of an idea.
Ken.
----------------------------------------------------------
Kenneth Rowe kerowe@cs.umbc.edu
434 Shipley Road rowe@prairienet.org
Linthicum, MD 21090 Rowe@dockmaster.ncsc.mil
(410) 859-8487 (home)
----------------------------------------------------------