Using SAML for Attribution, Delegation and Least Privilege
Delegation, Attribution and Least Privilege are an implicit part of information sharing. In operating systems like Windows there is no security enforcement for code running in kernel mode and therefore such code always runs with maximum privileges. The principle of least privilege therefore demands...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
International Institute of Informatics and Cybernetics
2011-02-01
|
| Series: | Journal of Systemics, Cybernetics and Informatics |
| Subjects: | |
| Online Access: | http://www.iiisci.org/Journal/CV$/sci/pdfs/NK193KX.pdf
|
| _version_ | 1818518758533103616 |
|---|---|
| author | Coimbatore S. Chandersekaran William R. Simpson |
| author_facet | Coimbatore S. Chandersekaran William R. Simpson |
| author_sort | Coimbatore S. Chandersekaran |
| collection | DOAJ |
| description | Delegation, Attribution and Least Privilege are an implicit part of information sharing. In operating systems like Windows there is no security enforcement for code running in kernel mode and therefore such code always runs with maximum privileges. The principle of least privilege therefore demands the use of a user mode solutions when given the choice between a kernel mode and user mode solution if the two solutions provide the same results. Discussions in this paper will be restricted to OSI model levels five and above. This paper describes the SAML delegation framework in the context of a large enclave-based architecture currently being implemented by the US Air Force. Benefits of the framework include increased flexibility to handle a number of different delegation business scenarios, decreased complexity of the solution, and greater accountability with only a modest amount of additional infrastructure required. |
| first_indexed | 2024-12-11T01:14:36Z |
| format | Article |
| id | doaj.art-6d9c84a92c4d486c89012030074c5aab |
| institution | Directory Open Access Journal |
| issn | 1690-4524 |
| language | English |
| last_indexed | 2024-12-11T01:14:36Z |
| publishDate | 2011-02-01 |
| publisher | International Institute of Informatics and Cybernetics |
| record_format | Article |
| series | Journal of Systemics, Cybernetics and Informatics |
| spelling | doaj.art-6d9c84a92c4d486c89012030074c5aab2022-12-22T01:25:56ZengInternational Institute of Informatics and CyberneticsJournal of Systemics, Cybernetics and Informatics1690-45242011-02-019117Using SAML for Attribution, Delegation and Least PrivilegeCoimbatore S. Chandersekaran0William R. Simpson1 Institute for Defense Analyses Institute for Defense Analyses Delegation, Attribution and Least Privilege are an implicit part of information sharing. In operating systems like Windows there is no security enforcement for code running in kernel mode and therefore such code always runs with maximum privileges. The principle of least privilege therefore demands the use of a user mode solutions when given the choice between a kernel mode and user mode solution if the two solutions provide the same results. Discussions in this paper will be restricted to OSI model levels five and above. This paper describes the SAML delegation framework in the context of a large enclave-based architecture currently being implemented by the US Air Force. Benefits of the framework include increased flexibility to handle a number of different delegation business scenarios, decreased complexity of the solution, and greater accountability with only a modest amount of additional infrastructure required.http://www.iiisci.org/Journal/CV$/sci/pdfs/NK193KX.pdf Information SharingEnterpriseInformation SecurityAttributiondelegationLeast Privilege |
| spellingShingle | Coimbatore S. Chandersekaran William R. Simpson Using SAML for Attribution, Delegation and Least Privilege Journal of Systemics, Cybernetics and Informatics Information Sharing Enterprise Information Security Attribution delegation Least Privilege |
| title | Using SAML for Attribution, Delegation and Least Privilege |
| title_full | Using SAML for Attribution, Delegation and Least Privilege |
| title_fullStr | Using SAML for Attribution, Delegation and Least Privilege |
| title_full_unstemmed | Using SAML for Attribution, Delegation and Least Privilege |
| title_short | Using SAML for Attribution, Delegation and Least Privilege |
| title_sort | using saml for attribution delegation and least privilege |
| topic | Information Sharing Enterprise Information Security Attribution delegation Least Privilege |
| url | http://www.iiisci.org/Journal/CV$/sci/pdfs/NK193KX.pdf
|
| work_keys_str_mv | AT coimbatoreschandersekaran usingsamlforattributiondelegationandleastprivilege AT williamrsimpson usingsamlforattributiondelegationandleastprivilege |