A Protection Scheme For Security Policies In Ubiquitous Environments Using One-Way Functions
Paper in proceedings, 2002
This paper addresses the problem of protecting security policies and other security-related information in security mechanisms and products, such as the detection policy in an Intrusion Detection System (IDS) or the filtering policy in a firewall. Unauthorized disclosure of such information is particularly serious, since it might reveal the fundamental principles and methods for the security and protection of the whole system or network, which is much more far-reaching than the compromise of the target system or security mechanism itself. This problem is especially noticeable in ubiquitous environments, where a possibly large number of nodes need knowledge about the security policy of their domain. In order to avoid this risk we suggest that security information should be protected using one-way functions, and the paper suggests a basic scheme for protecting stateless policies. A stateless policy is a policy that only takes the current event into consideration when decisions are made, and not the preceding chain of events. Thus, the process of comparing events against the policy, i.e. making decisions, could be done in much the same way that passwords are hashed and compared in UNIX systems. However, one important distinction is that security policies contain a certain variability that must be handled, and a method for this is discussed. The suggested scheme is very basic and has certain drawbacks as regards practical implementation, but it still clearly demonstrates the protection principle. We expect further research to result in extended methods that are more suitable for practical design.
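As an added illustration, not taken from the paper, of the password-style comparison the abstract describes: a small Python sketch that stores a stateless filtering policy as salted hashes and handles the variability of wildcard fields by trying each wildcard mask at decision time. The rule set, the field names and the mask-based approach to variability are constructed assumptions, not the paper's own method.

```python
import hashlib

# Constructed example: a stateless firewall filtering policy. Each rule maps
# field -> value, with "*" meaning "any value" (the variability the abstract
# mentions). The decision travels with the rule so a match yields it directly.
FIELDS = ("proto", "src", "dport")
PLAINTEXT_RULES = [
    ({"proto": "tcp", "src": "*", "dport": "22"}, "ALLOW"),
    ({"proto": "tcp", "src": "10.0.0.5", "dport": "*"}, "ALLOW"),
    ({"proto": "udp", "src": "*", "dport": "*"}, "DENY"),
]


def canonical(rule):
    """Fixed field order so equal rules always hash identically."""
    return "|".join(f"{f}={rule[f]}" for f in FIELDS)


def digest(salt, text):
    """Salted one-way function, in the spirit of UNIX password hashing."""
    return hashlib.sha256(salt + text.encode()).hexdigest()


def protect(rules, salt):
    """Compile rules into (hashed rule -> decision) plus the wildcard masks used.
    Only the masks (which fields are wildcarded, in first-seen order) stay in the
    clear; the protected policy never contains the rule values themselves."""
    table, masks = {}, []
    for rule, decision in rules:
        mask = tuple(rule[f] == "*" for f in FIELDS)
        if mask not in masks:
            masks.append(mask)
        table[digest(salt, canonical(rule))] = decision
    return {"salt": salt, "masks": masks, "table": table}


def decide(policy, event, default="DENY"):
    """Project the event onto each mask, hash it, and look it up: the node can
    check an event against the policy without ever seeing the rules in clear."""
    for mask in policy["masks"]:
        projected = {f: ("*" if wild else event[f]) for f, wild in zip(FIELDS, mask)}
        hit = policy["table"].get(digest(policy["salt"], canonical(projected)))
        if hit is not None:
            return hit
    return default
```

Fields such as protocol and port have small domains, so anyone holding the hashed table can enumerate candidate rules offline; a keyed or deliberately slow hash raises that cost but does not remove the limitation, which is one reason a scheme of this kind stays basic.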
intrusion detection systems