Protecting Security Policies in Ubiquitous Environments Using One-Way Functions
Paper in proceedings, 2004

This paper addresses the problem of protecting security policies and other security-related information in security mechanisms, such as the detection policy of an Intrusion Detection System or the filtering policy of a firewall. Unauthorized disclosure of such information can reveal the fundamental principles and methods for the protection of the whole network, especially in ubiquitous environments where a large number of nodes store knowledge about the security policy of their domain. To avoid this risk we suggest a scheme for protecting stateless security policies using one-way functions. A stateless policy is one that takes into consideration only the current event, and not the preceding chain of events, when decisions are made. The scheme has a simple and basic design but can still be used for practical implementations, as illustrated in two examples in real-life environments. Further research aims to extend the scheme to stateful policies.


Håkan Kvarnström

Chalmers, Department of Computer Engineering

Hans Hedbom

Chalmers, Department of Computer Engineering, Computer Security

Erland Jonsson

Chalmers, Department of Computer Engineering

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 2802 71-85
3-540-20887-9 (ISBN)


Computer and Information Science


