Cryptographic Security Architecture: Design and Verification
Peter Gutmann
Springer

[...]

... what has been achieved, and examines avenues for future work.

Intended Audience

This book is intended for a range of readers interested in security architectures, cryptographic software and hardware, and verification techniques, including:
• Designers and implementers: The book discusses in some detail design issues and approaches to meeting various security requirements.
• Students and researchers: The...

The Security Architecture
2.1 Security Features of the Architecture
2.1.1 Security Architecture Design Goals
2.2 Introduction to Security Mechanisms
2.2.1 Access Control
2.2.2 Reference Monitors
2.2.3 Security Policies and Models
2.2.4 Security Models after Bell–LaPadula
2.2.5 Security Kernels and...

interface and then bolts on whatever is required to implement the functionality in the interface. This work presents an alternative inside-out design that first builds a general crypto/security architecture and then wraps a language-independent interface around it to make particular portions of the architecture available to the user. In this case, it is important to distinguish between the architecture and...

architecture, whereas the approach presented in this work concentrates on the internal architecture only. Apart from the very generic APKI [17] and CISS [18][19][20][21] requirements, only CDSA [22][23] appears to provide a general architecture design, and even this is presented at a rather abstract level and defined mostly in terms of the API used to access it. In contrast to these approaches, the design...
nodes and the connections that handle interactions between components are the arcs [26][27]. The connections can take a variety of forms, including procedure calls, event broadcast, pipes, and assorted message-passing mechanisms. Software architecture descriptions provide a means for system designers to document existing, well-proven design experience and...

Forwarder-and-receiver model

The forwarder-receiver model provides a means for structuring communications between components in a peer-to-peer fashion, at the expense of some loss in efficiency due to the overhead and delay of the marshalling and interprocess communication.

1.3 Architecture Design Goals

An earlier work [35] gives the design requirements for a general-purpose security...

security properties such as mandatory and discretionary access control lists (ACLs), most of which are controlled for the object by the architecture's security kernel, and a few object-specific properties that are controlled by the object itself.
• Intelligent objects. The architecture should know what to do with data and control information passed to objects, including the ability to hand it off to other objects...

components, their properties and relationships, and their patterns of combination. By analysing properties shared across different application areas, it's possible to identify commonalities among them that may be candidates for the application of a generic solution architecture [24][25]. A software architecture can be defined as a collection of components and a description of the interaction and constraints on...

8.1.2 Kernel and Verification Co-design
8.1.3 Use of Specification-based Testing
8.1.4 Use of Cognitive Psychology Principles for Verification
8.1.5 Practical Design
8.2 Future Research
9 Glossary
Index

1 The Software Architecture

1.1 Introduction

Traditional security toolkits have been...
removing the need to provide a lengthy and complicated description of the solution [29]. When architecting a system, the designer can rely on knowledge of how systems designed to perform similar tasks have been designed in the past. The resulting architecture is the embodiment of a set of design decisions, each one admitting one set of subsequent possibilities and discarding others in response to various .